diff --git a/Makefile b/Makefile index 53412c4b1..1e8145e5e 100644 --- a/Makefile +++ b/Makefile @@ -195,7 +195,7 @@ config/rbac: controller-gen $(GO4CONTROLLERGEN_SOURCES) touch "$@" config/crd/bases: controller-gen $(GO4CONTROLLERGEN_SOURCES) - $(CONTROLLER_GEN) crd:crdVersions="v1" output:artifacts:config="$@" paths="./..." + $(CONTROLLER_GEN) crd:crdVersions="v1",maxDescLen=0 output:artifacts:config="$@" paths="./..." touch "$@" .PHONY: generate @@ -530,7 +530,7 @@ clean: # find or download controller-gen # download controller-gen if necessary -CONTROLLER_GEN_VERSION := 0.9.2 +CONTROLLER_GEN_VERSION := 0.14.0 CONTROLLER_GEN := $(BIN)/controller-gen .PHONY: controller-gen @@ -661,7 +661,7 @@ $(GORELEASER): # find or download stringer # download stringer if necessary -STRINGER_VERSION := v0.11.0 +STRINGER_VERSION := v0.19.0 STRINGER := $(BIN)/stringer .PHONY: stringer diff --git a/apis/goharbor.io/v1alpha3/chartmuseum_conversion.go b/apis/goharbor.io/v1alpha3/chartmuseum_conversion.go index 42ccc9d28..f5381ff3b 100644 --- a/apis/goharbor.io/v1alpha3/chartmuseum_conversion.go +++ b/apis/goharbor.io/v1alpha3/chartmuseum_conversion.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - "github.com/goharbor/harbor-operator/pkg/convert" + "github.com/plotly/harbor-operator/pkg/convert" "sigs.k8s.io/controller-runtime/pkg/conversion" ) diff --git a/apis/goharbor.io/v1alpha3/chartmuseum_types.go b/apis/goharbor.io/v1alpha3/chartmuseum_types.go index b14d0350a..58e5c26fb 100644 --- a/apis/goharbor.io/v1alpha3/chartmuseum_types.go +++ b/apis/goharbor.io/v1alpha3/chartmuseum_types.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1alpha3/core_conversion.go b/apis/goharbor.io/v1alpha3/core_conversion.go index f5f1e5740..0a28334a6 100644 --- a/apis/goharbor.io/v1alpha3/core_conversion.go +++ b/apis/goharbor.io/v1alpha3/core_conversion.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - "github.com/goharbor/harbor-operator/pkg/convert" + "github.com/plotly/harbor-operator/pkg/convert" "sigs.k8s.io/controller-runtime/pkg/conversion" ) diff --git a/apis/goharbor.io/v1alpha3/core_types.go b/apis/goharbor.io/v1alpha3/core_types.go index d2a58efd4..ad588befe 100644 --- a/apis/goharbor.io/v1alpha3/core_types.go +++ b/apis/goharbor.io/v1alpha3/core_types.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1alpha3/exporter_conversion.go b/apis/goharbor.io/v1alpha3/exporter_conversion.go index fdfca9556..8ad35db1e 100644 --- a/apis/goharbor.io/v1alpha3/exporter_conversion.go +++ b/apis/goharbor.io/v1alpha3/exporter_conversion.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - "github.com/goharbor/harbor-operator/pkg/convert" + "github.com/plotly/harbor-operator/pkg/convert" "sigs.k8s.io/controller-runtime/pkg/conversion" ) diff --git a/apis/goharbor.io/v1alpha3/exporter_types.go b/apis/goharbor.io/v1alpha3/exporter_types.go index d3dba7ae8..605121d21 100644 --- a/apis/goharbor.io/v1alpha3/exporter_types.go +++ b/apis/goharbor.io/v1alpha3/exporter_types.go @@ -3,7 +3,7 @@ package v1alpha3 import ( "strconv" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1alpha3/harbor_conversion.go b/apis/goharbor.io/v1alpha3/harbor_conversion.go index 7213e01ff..30b40ce5a 100644 --- a/apis/goharbor.io/v1alpha3/harbor_conversion.go +++ b/apis/goharbor.io/v1alpha3/harbor_conversion.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - "github.com/goharbor/harbor-operator/pkg/convert" + "github.com/plotly/harbor-operator/pkg/convert" "sigs.k8s.io/controller-runtime/pkg/conversion" ) diff --git a/apis/goharbor.io/v1alpha3/harbor_types.go b/apis/goharbor.io/v1alpha3/harbor_types.go index 7cff8537c..18ef053de 100644 --- a/apis/goharbor.io/v1alpha3/harbor_types.go +++ b/apis/goharbor.io/v1alpha3/harbor_types.go @@ -6,8 +6,8 @@ import ( "path" "strings" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/image" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/image" cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/apis/goharbor.io/v1alpha3/harbor_types_test.go b/apis/goharbor.io/v1alpha3/harbor_types_test.go index 29c077734..5f6131f69 100644 --- a/apis/goharbor.io/v1alpha3/harbor_types_test.go +++ b/apis/goharbor.io/v1alpha3/harbor_types_test.go @@ -1,8 +1,8 @@ package v1alpha3_test import ( - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1alpha3" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1alpha3" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" corev1 "k8s.io/api/core/v1" diff --git a/apis/goharbor.io/v1alpha3/harborcluster_conversion.go b/apis/goharbor.io/v1alpha3/harborcluster_conversion.go index 6c2a34b23..700d2b7ff 100644 --- a/apis/goharbor.io/v1alpha3/harborcluster_conversion.go +++ b/apis/goharbor.io/v1alpha3/harborcluster_conversion.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" corev1 "k8s.io/api/core/v1" "sigs.k8s.io/controller-runtime/pkg/conversion" ) diff --git a/apis/goharbor.io/v1alpha3/harborcluster_types.go b/apis/goharbor.io/v1alpha3/harborcluster_types.go index 787458bc6..08c8429f3 100644 --- a/apis/goharbor.io/v1alpha3/harborcluster_types.go +++ b/apis/goharbor.io/v1alpha3/harborcluster_types.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/apis/goharbor.io/v1alpha3/jobservice_conversion.go b/apis/goharbor.io/v1alpha3/jobservice_conversion.go index f72f83a2f..927a5c28a 100644 --- a/apis/goharbor.io/v1alpha3/jobservice_conversion.go +++ b/apis/goharbor.io/v1alpha3/jobservice_conversion.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - "github.com/goharbor/harbor-operator/pkg/convert" + "github.com/plotly/harbor-operator/pkg/convert" "sigs.k8s.io/controller-runtime/pkg/conversion" ) diff --git a/apis/goharbor.io/v1alpha3/jobservice_types.go b/apis/goharbor.io/v1alpha3/jobservice_types.go index da29dbe26..055a3cc02 100644 --- a/apis/goharbor.io/v1alpha3/jobservice_types.go +++ b/apis/goharbor.io/v1alpha3/jobservice_types.go @@ -3,7 +3,7 @@ package v1alpha3 import ( "errors" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1alpha3/notary_types.go b/apis/goharbor.io/v1alpha3/notary_types.go index 010f0b8f0..76ef8bf14 100644 --- a/apis/goharbor.io/v1alpha3/notary_types.go +++ b/apis/goharbor.io/v1alpha3/notary_types.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" ) type NotaryLoggingSpec struct { diff --git a/apis/goharbor.io/v1alpha3/notaryserver_conversion.go b/apis/goharbor.io/v1alpha3/notaryserver_conversion.go index ac3595229..9ec09518a 100644 --- a/apis/goharbor.io/v1alpha3/notaryserver_conversion.go +++ b/apis/goharbor.io/v1alpha3/notaryserver_conversion.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - "github.com/goharbor/harbor-operator/pkg/convert" + "github.com/plotly/harbor-operator/pkg/convert" "sigs.k8s.io/controller-runtime/pkg/conversion" ) diff --git a/apis/goharbor.io/v1alpha3/notaryserver_types.go b/apis/goharbor.io/v1alpha3/notaryserver_types.go index 5cce7f35a..567c0dd2b 100644 --- a/apis/goharbor.io/v1alpha3/notaryserver_types.go +++ b/apis/goharbor.io/v1alpha3/notaryserver_types.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1alpha3/notarysigner_conversion.go b/apis/goharbor.io/v1alpha3/notarysigner_conversion.go index 3448c6ea2..edda230c7 100644 --- a/apis/goharbor.io/v1alpha3/notarysigner_conversion.go +++ b/apis/goharbor.io/v1alpha3/notarysigner_conversion.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - "github.com/goharbor/harbor-operator/pkg/convert" + "github.com/plotly/harbor-operator/pkg/convert" "sigs.k8s.io/controller-runtime/pkg/conversion" ) diff --git a/apis/goharbor.io/v1alpha3/notarysigner_types.go b/apis/goharbor.io/v1alpha3/notarysigner_types.go index 81bd9af93..72d7972c1 100644 --- a/apis/goharbor.io/v1alpha3/notarysigner_types.go +++ b/apis/goharbor.io/v1alpha3/notarysigner_types.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1alpha3/portal_conversion.go b/apis/goharbor.io/v1alpha3/portal_conversion.go index dcc19d542..5fae34602 100644 --- a/apis/goharbor.io/v1alpha3/portal_conversion.go +++ b/apis/goharbor.io/v1alpha3/portal_conversion.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - "github.com/goharbor/harbor-operator/pkg/convert" + "github.com/plotly/harbor-operator/pkg/convert" "sigs.k8s.io/controller-runtime/pkg/conversion" ) diff --git a/apis/goharbor.io/v1alpha3/portal_types.go b/apis/goharbor.io/v1alpha3/portal_types.go index fe077f70d..cb46fc1a8 100644 --- a/apis/goharbor.io/v1alpha3/portal_types.go +++ b/apis/goharbor.io/v1alpha3/portal_types.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1alpha3/registry_conversion.go b/apis/goharbor.io/v1alpha3/registry_conversion.go index 547ea1a2c..47dd0cf83 100644 --- a/apis/goharbor.io/v1alpha3/registry_conversion.go +++ b/apis/goharbor.io/v1alpha3/registry_conversion.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - "github.com/goharbor/harbor-operator/pkg/convert" + "github.com/plotly/harbor-operator/pkg/convert" "sigs.k8s.io/controller-runtime/pkg/conversion" ) diff --git a/apis/goharbor.io/v1alpha3/registry_types.go b/apis/goharbor.io/v1alpha3/registry_types.go index 890064298..dfa9f207e 100644 --- a/apis/goharbor.io/v1alpha3/registry_types.go +++ b/apis/goharbor.io/v1alpha3/registry_types.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1alpha3/registryctl_conversion.go b/apis/goharbor.io/v1alpha3/registryctl_conversion.go index 77c1f6801..ba4b6e99b 100644 --- a/apis/goharbor.io/v1alpha3/registryctl_conversion.go +++ b/apis/goharbor.io/v1alpha3/registryctl_conversion.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - "github.com/goharbor/harbor-operator/pkg/convert" + "github.com/plotly/harbor-operator/pkg/convert" "sigs.k8s.io/controller-runtime/pkg/conversion" ) diff --git a/apis/goharbor.io/v1alpha3/registryctl_types.go b/apis/goharbor.io/v1alpha3/registryctl_types.go index 0b8e93084..541a98201 100644 --- a/apis/goharbor.io/v1alpha3/registryctl_types.go +++ b/apis/goharbor.io/v1alpha3/registryctl_types.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1alpha3/trivy_conversion.go b/apis/goharbor.io/v1alpha3/trivy_conversion.go index 89b4acfda..5081e6ca7 100644 --- a/apis/goharbor.io/v1alpha3/trivy_conversion.go +++ b/apis/goharbor.io/v1alpha3/trivy_conversion.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - "github.com/goharbor/harbor-operator/pkg/convert" + "github.com/plotly/harbor-operator/pkg/convert" "sigs.k8s.io/controller-runtime/pkg/conversion" ) diff --git a/apis/goharbor.io/v1alpha3/trivy_types.go b/apis/goharbor.io/v1alpha3/trivy_types.go index 3e272a704..35964a7c8 100644 --- a/apis/goharbor.io/v1alpha3/trivy_types.go +++ b/apis/goharbor.io/v1alpha3/trivy_types.go @@ -1,7 +1,7 @@ package v1alpha3 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1alpha3/zz_generated.deepcopy.go b/apis/goharbor.io/v1alpha3/zz_generated.deepcopy.go index 74f87ed7c..ffb9b1318 100644 --- a/apis/goharbor.io/v1alpha3/zz_generated.deepcopy.go +++ b/apis/goharbor.io/v1alpha3/zz_generated.deepcopy.go @@ -1,12 +1,11 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated // Code generated by controller-gen. DO NOT EDIT. package v1alpha3 import ( - "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" @@ -2886,7 +2885,8 @@ func (in *RegistryHTTPSpec) DeepCopyInto(out *RegistryHTTPSpec) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = make([]string, len(*in)) copy(*out, *in) } @@ -2952,7 +2952,8 @@ func (in *RegistryHealthHTTPSpec) DeepCopyInto(out *RegistryHealthHTTPSpec) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = make([]string, len(*in)) copy(*out, *in) } @@ -3261,7 +3262,8 @@ func (in *RegistryNotificationEndpointSpec) DeepCopyInto(out *RegistryNotificati if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = make([]string, len(*in)) copy(*out, *in) } diff --git a/apis/goharbor.io/v1beta1/chartmuseum_types.go b/apis/goharbor.io/v1beta1/chartmuseum_types.go index 1bff753af..7b347dc2a 100644 --- a/apis/goharbor.io/v1beta1/chartmuseum_types.go +++ b/apis/goharbor.io/v1beta1/chartmuseum_types.go @@ -1,7 +1,7 @@ package v1beta1 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1beta1/core_types.go b/apis/goharbor.io/v1beta1/core_types.go index 6b88fe1a7..80b8de349 100644 --- a/apis/goharbor.io/v1beta1/core_types.go +++ b/apis/goharbor.io/v1beta1/core_types.go @@ -1,7 +1,7 @@ package v1beta1 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1beta1/exporter_types.go b/apis/goharbor.io/v1beta1/exporter_types.go index 0ff68adf1..20560ceb0 100644 --- a/apis/goharbor.io/v1beta1/exporter_types.go +++ b/apis/goharbor.io/v1beta1/exporter_types.go @@ -3,7 +3,7 @@ package v1beta1 import ( "strconv" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1beta1/harbor_types.go b/apis/goharbor.io/v1beta1/harbor_types.go index 0470db17a..2f2e2643c 100644 --- a/apis/goharbor.io/v1beta1/harbor_types.go +++ b/apis/goharbor.io/v1beta1/harbor_types.go @@ -6,8 +6,8 @@ import ( "path" "strings" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/image" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/image" cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/apis/goharbor.io/v1beta1/harbor_webhook.go b/apis/goharbor.io/v1beta1/harbor_webhook.go index ff4a8d28d..6315c67ff 100644 --- a/apis/goharbor.io/v1beta1/harbor_webhook.go +++ b/apis/goharbor.io/v1beta1/harbor_webhook.go @@ -4,8 +4,8 @@ import ( "context" "net/url" - "github.com/goharbor/harbor-operator/pkg/version" "github.com/pkg/errors" + "github.com/plotly/harbor-operator/pkg/version" apierrors "k8s.io/apimachinery/pkg/api/errors" runtime "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/apis/goharbor.io/v1beta1/harborcluster_types.go b/apis/goharbor.io/v1beta1/harborcluster_types.go index 27735b300..31e0bf7ec 100644 --- a/apis/goharbor.io/v1beta1/harborcluster_types.go +++ b/apis/goharbor.io/v1beta1/harborcluster_types.go @@ -1,7 +1,7 @@ package v1beta1 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/apis/goharbor.io/v1beta1/harborcluster_webhook.go b/apis/goharbor.io/v1beta1/harborcluster_webhook.go index e537bf44f..6b240ebd5 100644 --- a/apis/goharbor.io/v1beta1/harborcluster_webhook.go +++ b/apis/goharbor.io/v1beta1/harborcluster_webhook.go @@ -4,7 +4,7 @@ import ( "context" "fmt" - "github.com/goharbor/harbor-operator/pkg/version" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" apierrors "k8s.io/apimachinery/pkg/api/errors" runtime "k8s.io/apimachinery/pkg/runtime" diff --git a/apis/goharbor.io/v1beta1/jobservice_types.go b/apis/goharbor.io/v1beta1/jobservice_types.go index e68dc1fab..6fd869cb8 100644 --- a/apis/goharbor.io/v1beta1/jobservice_types.go +++ b/apis/goharbor.io/v1beta1/jobservice_types.go @@ -3,7 +3,7 @@ package v1beta1 import ( "errors" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/apis/goharbor.io/v1beta1/notary_types.go b/apis/goharbor.io/v1beta1/notary_types.go index 5ab65cde8..e7aac3d13 100644 --- a/apis/goharbor.io/v1beta1/notary_types.go +++ b/apis/goharbor.io/v1beta1/notary_types.go @@ -1,7 +1,7 @@ package v1beta1 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" ) type NotaryLoggingSpec struct { diff --git a/apis/goharbor.io/v1beta1/notaryserver_types.go b/apis/goharbor.io/v1beta1/notaryserver_types.go index df8ba8e06..62efcf1ab 100644 --- a/apis/goharbor.io/v1beta1/notaryserver_types.go +++ b/apis/goharbor.io/v1beta1/notaryserver_types.go @@ -1,7 +1,7 @@ package v1beta1 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1beta1/notarysigner_types.go b/apis/goharbor.io/v1beta1/notarysigner_types.go index 3ddfd4ce0..1f957ce6b 100644 --- a/apis/goharbor.io/v1beta1/notarysigner_types.go +++ b/apis/goharbor.io/v1beta1/notarysigner_types.go @@ -1,7 +1,7 @@ package v1beta1 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1beta1/portal_types.go b/apis/goharbor.io/v1beta1/portal_types.go index ab2e6d057..40734498e 100644 --- a/apis/goharbor.io/v1beta1/portal_types.go +++ b/apis/goharbor.io/v1beta1/portal_types.go @@ -1,7 +1,7 @@ package v1beta1 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1beta1/registry_types.go b/apis/goharbor.io/v1beta1/registry_types.go index 73c6dc68e..bbe2426ec 100644 --- a/apis/goharbor.io/v1beta1/registry_types.go +++ b/apis/goharbor.io/v1beta1/registry_types.go @@ -1,7 +1,7 @@ package v1beta1 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/apis/goharbor.io/v1beta1/registryctl_types.go b/apis/goharbor.io/v1beta1/registryctl_types.go index 19fc994d1..6962f9d63 100644 --- a/apis/goharbor.io/v1beta1/registryctl_types.go +++ b/apis/goharbor.io/v1beta1/registryctl_types.go @@ -1,7 +1,7 @@ package v1beta1 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1beta1/trivy_types.go b/apis/goharbor.io/v1beta1/trivy_types.go index 0b20c7fdc..03a289e16 100644 --- a/apis/goharbor.io/v1beta1/trivy_types.go +++ b/apis/goharbor.io/v1beta1/trivy_types.go @@ -1,7 +1,7 @@ package v1beta1 import ( - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/apis/goharbor.io/v1beta1/zz_generated.deepcopy.go b/apis/goharbor.io/v1beta1/zz_generated.deepcopy.go index 89393cb92..d59259fcd 100644 --- a/apis/goharbor.io/v1beta1/zz_generated.deepcopy.go +++ b/apis/goharbor.io/v1beta1/zz_generated.deepcopy.go @@ -1,12 +1,11 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated // Code generated by controller-gen. DO NOT EDIT. package v1beta1 import ( - "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -4009,7 +4008,8 @@ func (in *RegistryHTTPSpec) DeepCopyInto(out *RegistryHTTPSpec) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = make([]string, len(*in)) copy(*out, *in) } @@ -4075,7 +4075,8 @@ func (in *RegistryHealthHTTPSpec) DeepCopyInto(out *RegistryHealthHTTPSpec) { if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = make([]string, len(*in)) copy(*out, *in) } @@ -4384,7 +4385,8 @@ func (in *RegistryNotificationEndpointSpec) DeepCopyInto(out *RegistryNotificati if val == nil { (*out)[key] = nil } else { - in, out := &val, &outVal + inVal := (*in)[key] + in, out := &inVal, &outVal *out = make([]string, len(*in)) copy(*out, *in) } diff --git a/apis/meta/v1alpha1/component.go b/apis/meta/v1alpha1/component.go index 125816dc2..2ad238b09 100644 --- a/apis/meta/v1alpha1/component.go +++ b/apis/meta/v1alpha1/component.go @@ -5,7 +5,7 @@ import ( "errors" "math" - "github.com/goharbor/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" "sigs.k8s.io/kustomize/kstatus/status" diff --git a/apis/meta/v1alpha1/image_source.go b/apis/meta/v1alpha1/image_source.go index ca03be470..acc7b9bd6 100644 --- a/apis/meta/v1alpha1/image_source.go +++ b/apis/meta/v1alpha1/image_source.go @@ -1,7 +1,7 @@ package v1alpha1 import ( - "github.com/goharbor/harbor-operator/pkg/image" + "github.com/plotly/harbor-operator/pkg/image" corev1 "k8s.io/api/core/v1" ) diff --git a/apis/meta/v1alpha1/metric.go b/apis/meta/v1alpha1/metric.go index 4f5136f1d..27fbc6f9b 100644 --- a/apis/meta/v1alpha1/metric.go +++ b/apis/meta/v1alpha1/metric.go @@ -4,7 +4,7 @@ import ( "fmt" "strconv" - "github.com/goharbor/harbor-operator/pkg/config/harbor" + "github.com/plotly/harbor-operator/pkg/config/harbor" "github.com/goharbor/harbor/src/common" corev1 "k8s.io/api/core/v1" ) diff --git a/apis/meta/v1alpha1/trace.go b/apis/meta/v1alpha1/trace.go index 4216028ed..cf00650dd 100644 --- a/apis/meta/v1alpha1/trace.go +++ b/apis/meta/v1alpha1/trace.go @@ -5,7 +5,7 @@ import ( "fmt" "strconv" - "github.com/goharbor/harbor-operator/pkg/config/harbor" + "github.com/plotly/harbor-operator/pkg/config/harbor" "github.com/goharbor/harbor/src/common" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/apis/meta/v1alpha1/zz_generated.deepcopy.go b/apis/meta/v1alpha1/zz_generated.deepcopy.go index 0bd50fd50..72cbf8a07 100644 --- a/apis/meta/v1alpha1/zz_generated.deepcopy.go +++ b/apis/meta/v1alpha1/zz_generated.deepcopy.go @@ -1,5 +1,4 @@ //go:build !ignore_autogenerated -// +build !ignore_autogenerated // Code generated by controller-gen. DO NOT EDIT. diff --git a/charts/harbor-operator/Chart.lock b/charts/harbor-operator/Chart.lock index 17f534c52..669f50a37 100644 --- a/charts/harbor-operator/Chart.lock +++ b/charts/harbor-operator/Chart.lock @@ -5,8 +5,5 @@ dependencies: - name: redis-operator repository: https://spotahome.github.io/redis-operator version: 3.1.4 -- name: postgres-operator - repository: https://opensource.zalando.com/postgres-operator/charts/postgres-operator - version: 1.7.0 -digest: sha256:a457f468187c5ac3e0279e64e9a565335b0a5455400ccc818f29e4758c8074d0 -generated: "2023-02-22T10:57:46.632256448+01:00" +digest: sha256:e8d0086622f37d4bbfece5e0379fa21a7eb86915d815db6860547f4f22ac4f4a +generated: "2024-03-28T16:26:11.634972141-04:00" diff --git a/charts/harbor-operator/Chart.yaml b/charts/harbor-operator/Chart.yaml index 08080aec4..b775ab8f1 100644 --- a/charts/harbor-operator/Chart.yaml +++ b/charts/harbor-operator/Chart.yaml @@ -32,9 +32,3 @@ dependencies: repository: https://spotahome.github.io/redis-operator tags: - cache -- name: postgres-operator - version: 1.7.0 - condition: postgres-operator.enabled - repository: https://opensource.zalando.com/postgres-operator/charts/postgres-operator - tags: - - database diff --git a/charts/harbor-operator/templates/clusterrole.yaml b/charts/harbor-operator/templates/clusterrole.yaml index c85ccc6b8..2b80d1f85 100644 --- a/charts/harbor-operator/templates/clusterrole.yaml +++ b/charts/harbor-operator/templates/clusterrole.yaml @@ -3,7 +3,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null name: '{{ include "chart.fullname" . }}-harbor-operator-role' rules: - apiGroups: diff --git a/charts/harbor-operator/templates/crds.yaml b/charts/harbor-operator/templates/crds.yaml new file mode 100644 index 000000000..f3357e34d --- /dev/null +++ b/charts/harbor-operator/templates/crds.yaml @@ -0,0 +1,23998 @@ +{{- /* Code generated by make. DO NOT EDIT. */ -}} +{{- if .Values.installCRDs }} +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: chartmuseums.goharbor.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: {{ include "chart.fullname" . | quote }} + namespace: {{ .Release.Namespace }} + path: /convert + conversionReviewVersions: + - v1 + group: goharbor.io + names: + categories: + - goharbor + kind: ChartMuseum + listKind: ChartMuseumList + plural: chartmuseums + singular: chartmuseum + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authentication: + properties: + anonymousGet: + default: false + type: boolean + basicAuthRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + bearer: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + realm: + type: string + service: + type: string + required: + - certificateRef + - realm + - service + type: object + type: object + cache: + properties: + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + host: + minLength: 1 + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + type: object + certificateRefs: + items: + type: string + type: array + chart: + properties: + allowOverwrite: + default: true + type: boolean + index: + properties: + parallelLimit: + format: int32 + minimum: 0 + type: integer + storageTimestampTolerance: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + onlySemver2: + default: false + type: boolean + postFormFieldName: + properties: + chart: + default: chart + minLength: 1 + type: string + provenance: + default: prov + minLength: 1 + type: string + type: object + repo: + properties: + depth: + default: 1 + format: int32 + minimum: 0 + type: integer + depthDynamic: + default: false + type: boolean + type: object + storage: + properties: + amazon: + properties: + accessKeyID: + type: string + accessSecretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + bucket: + type: string + endpoint: + type: string + prefix: + type: string + region: + type: string + serverSideEncryption: + type: string + required: + - bucket + type: object + filesystem: + properties: + prefix: + type: string + volumeSource: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + required: + - volumeSource + type: object + maxStorageObject: + format: int64 + minimum: 0 + type: integer + openstack: + properties: + authenticationURL: + type: string + container: + type: string + domain: + type: string + domainID: + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + prefix: + type: string + region: + type: string + tenant: + type: string + tenantID: + type: string + userid: + type: string + username: + type: string + required: + - authenticationURL + - container + type: object + type: object + url: + pattern: https?://.* + type: string + required: + - storage + type: object + disable: + properties: + api: + default: false + type: boolean + delete: + default: false + type: boolean + forceOverwrite: + default: false + type: boolean + metrics: + default: false + type: boolean + statefiles: + default: false + type: boolean + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + log: + properties: + debug: + default: false + type: boolean + health: + default: false + type: boolean + json: + default: false + type: boolean + latencyInteger: + default: true + type: boolean + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + server: + properties: + corsAllowOrigin: + type: string + maxUploadSize: + default: 20971520 + format: int64 + minimum: 0 + type: integer + readTimeout: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + writeTimeout: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - chart + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authentication: + properties: + anonymousGet: + default: false + type: boolean + basicAuthRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + bearer: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + realm: + type: string + service: + type: string + required: + - certificateRef + - realm + - service + type: object + type: object + cache: + properties: + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + host: + minLength: 1 + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + type: object + certificateRefs: + items: + type: string + type: array + chart: + properties: + allowOverwrite: + default: true + type: boolean + index: + properties: + parallelLimit: + format: int32 + minimum: 0 + type: integer + storageTimestampTolerance: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + onlySemver2: + default: false + type: boolean + postFormFieldName: + properties: + chart: + default: chart + minLength: 1 + type: string + provenance: + default: prov + minLength: 1 + type: string + type: object + repo: + properties: + depth: + default: 1 + format: int32 + minimum: 0 + type: integer + depthDynamic: + default: false + type: boolean + type: object + storage: + properties: + amazon: + properties: + accessKeyID: + type: string + accessSecretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + bucket: + type: string + endpoint: + type: string + prefix: + type: string + region: + type: string + serverSideEncryption: + type: string + required: + - bucket + type: object + azure: + properties: + accountkeyRef: + type: string + accountname: + type: string + baseURL: + default: core.windows.net + type: string + container: + type: string + pathPrefix: + default: /azure/harbor/charts + type: string + type: object + filesystem: + properties: + prefix: + type: string + volumeSource: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + required: + - volumeSource + type: object + gcs: + properties: + bucket: + type: string + chunksize: + type: string + keyDataSecretRef: + type: string + pathPrefix: + type: string + required: + - bucket + - keyDataSecretRef + type: object + maxStorageObject: + format: int64 + minimum: 0 + type: integer + openstack: + properties: + authenticationURL: + type: string + container: + type: string + domain: + type: string + domainID: + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + prefix: + type: string + region: + type: string + tenant: + type: string + tenantID: + type: string + userid: + type: string + username: + type: string + required: + - authenticationURL + - container + type: object + oss: + properties: + accessKeyID: + type: string + accessSecretRef: + type: string + bucket: + type: string + endpoint: + type: string + pathPrefix: + type: string + required: + - accessKeyID + - accessSecretRef + - bucket + - endpoint + type: object + type: object + url: + pattern: https?://.* + type: string + required: + - storage + type: object + disable: + properties: + api: + default: false + type: boolean + delete: + default: false + type: boolean + forceOverwrite: + default: false + type: boolean + metrics: + default: false + type: boolean + statefiles: + default: false + type: boolean + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + log: + properties: + debug: + default: false + type: boolean + health: + default: false + type: boolean + json: + default: false + type: boolean + latencyInteger: + default: true + type: boolean + type: object + network: + properties: + ipFamilies: + items: + type: string + type: array + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + server: + properties: + corsAllowOrigin: + type: string + maxUploadSize: + default: 20971520 + format: int64 + minimum: 0 + type: integer + readTimeout: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + writeTimeout: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - chart + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: cores.goharbor.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: {{ include "chart.fullname" . | quote }} + namespace: {{ .Release.Namespace }} + path: /convert + conversionReviewVersions: + - v1 + group: goharbor.io + names: + categories: + - goharbor + kind: Core + listKind: CoreList + plural: cores + singular: core + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + adminInitialPasswordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + authMode: + default: db_auth + enum: + - db_auth + type: string + certificateRefs: + items: + type: string + type: array + components: + properties: + chartRepository: + properties: + absoluteURL: + default: false + type: boolean + cacheDriver: + default: redis + enum: + - redis + type: string + url: + pattern: https?://.+ + type: string + required: + - url + type: object + jobService: + properties: + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + url: + pattern: https?://.+ + type: string + required: + - secretRef + - url + type: object + notaryServer: + properties: + url: + pattern: https?://.+ + type: string + required: + - url + type: object + portal: + properties: + url: + pattern: https?://.+ + type: string + required: + - url + type: object + registry: + properties: + controllerURL: + pattern: https?://.+ + type: string + credentials: + properties: + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + username: + type: string + required: + - passwordRef + - username + type: object + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + host: + minLength: 1 + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + storageProviderName: + minLength: 1 + type: string + sync: + default: false + type: boolean + url: + pattern: https?://.+ + type: string + required: + - controllerURL + - credentials + - url + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tokenService: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + url: + pattern: https?://.+ + type: string + required: + - certificateRef + - url + type: object + trivy: + properties: + adapterURL: + pattern: https?://.+ + type: string + url: + pattern: https?://.+ + type: string + required: + - adapterURL + - url + type: object + required: + - jobService + - portal + - registry + - tokenService + type: object + configExpiration: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + csrfKeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + properties: + database: + minLength: 1 + type: string + encryptionKeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + hosts: + items: + properties: + host: + minLength: 1 + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + required: + - host + type: object + minItems: 1 + type: array + maxIdleConnections: + default: 50 + format: int32 + minimum: 0 + type: integer + maxOpenConnections: + default: 1000 + format: int32 + minimum: 0 + type: integer + parameters: + additionalProperties: + type: string + type: object + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + username: + minLength: 1 + type: string + required: + - encryptionKeyRef + type: object + externalEndpoint: + pattern: https?://.+ + type: string + http: + properties: + enableGzip: + default: true + type: boolean + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + log: + properties: + level: + default: info + enum: + - debug + - info + - warn + - error + type: string + type: object + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + proxy: + properties: + httpProxy: + pattern: https?://.+ + type: string + httpsProxy: + pattern: https?://.+ + type: string + noProxy: + default: + - 127.0.0.1 + - localhost + - .local + - .internal + items: + type: string + type: array + type: object + publicCertificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + host: + minLength: 1 + type: string + idleTimeout: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - adminInitialPasswordRef + - components + - csrfKeyRef + - database + - externalEndpoint + - redis + - secretRef + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + adminInitialPasswordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + authMode: + default: db_auth + enum: + - db_auth + type: string + certificateRefs: + items: + type: string + type: array + components: + properties: + chartRepository: + properties: + absoluteURL: + default: false + type: boolean + cacheDriver: + default: redis + enum: + - redis + type: string + url: + pattern: https?://.+ + type: string + required: + - url + type: object + jobService: + properties: + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + url: + pattern: https?://.+ + type: string + required: + - secretRef + - url + type: object + notaryServer: + properties: + url: + pattern: https?://.+ + type: string + required: + - url + type: object + portal: + properties: + url: + pattern: https?://.+ + type: string + required: + - url + type: object + registry: + properties: + controllerURL: + pattern: https?://.+ + type: string + credentials: + properties: + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + username: + type: string + required: + - passwordRef + - username + type: object + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + host: + minLength: 1 + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + storageProviderName: + minLength: 1 + type: string + sync: + default: false + type: boolean + url: + pattern: https?://.+ + type: string + required: + - controllerURL + - credentials + - url + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tokenService: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + url: + pattern: https?://.+ + type: string + required: + - certificateRef + - url + type: object + trivy: + properties: + adapterURL: + pattern: https?://.+ + type: string + url: + pattern: https?://.+ + type: string + required: + - adapterURL + - url + type: object + required: + - jobService + - portal + - registry + - tokenService + type: object + configExpiration: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + csrfKeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + properties: + database: + minLength: 1 + type: string + encryptionKeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + hosts: + items: + properties: + host: + minLength: 1 + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + required: + - host + type: object + minItems: 1 + type: array + maxIdleConnections: + default: 50 + format: int32 + minimum: 0 + type: integer + maxOpenConnections: + default: 1000 + format: int32 + minimum: 0 + type: integer + parameters: + additionalProperties: + type: string + type: object + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + username: + minLength: 1 + type: string + required: + - encryptionKeyRef + type: object + externalEndpoint: + pattern: https?://.+ + type: string + http: + properties: + enableGzip: + default: true + type: boolean + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + log: + properties: + level: + default: info + enum: + - debug + - info + - warn + - error + type: string + type: object + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + network: + properties: + ipFamilies: + items: + type: string + type: array + type: object + nodeSelector: + additionalProperties: + type: string + type: object + proxy: + properties: + httpProxy: + pattern: https?://.+ + type: string + httpsProxy: + pattern: https?://.+ + type: string + noProxy: + default: + - 127.0.0.1 + - localhost + - .local + - .internal + items: + type: string + type: array + type: object + publicCertificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + host: + minLength: 1 + type: string + idleTimeout: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + trace: + properties: + attributes: + additionalProperties: + type: string + type: object + enabled: + default: false + type: boolean + jaeger: + properties: + agent: + properties: + host: + type: string + port: + type: integer + type: object + collector: + properties: + endpoint: + type: string + passwordRef: + type: string + username: + type: string + required: + - endpoint + type: object + mode: + enum: + - collector + - agent + type: string + required: + - mode + type: object + namespace: + type: string + otel: + properties: + compression: + type: boolean + endpoint: + type: string + insecure: + type: boolean + timeout: + default: 10s + type: string + urlPath: + type: string + required: + - endpoint + - urlPath + type: object + provider: + enum: + - jaeger + - otel + type: string + sampleRate: + default: 1 + type: integer + required: + - provider + type: object + required: + - adminInitialPasswordRef + - components + - csrfKeyRef + - database + - externalEndpoint + - redis + - secretRef + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: exporters.goharbor.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: {{ include "chart.fullname" . | quote }} + namespace: {{ .Release.Namespace }} + path: /convert + conversionReviewVersions: + - v1 + group: goharbor.io + names: + categories: + - goharbor + kind: Exporter + listKind: ExporterList + plural: exporters + singular: exporter + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + cache: + properties: + cleanInterval: + default: 4h + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? + type: string + duration: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? + type: string + type: object + core: + properties: + url: + pattern: https?://.+ + type: string + required: + - url + type: object + database: + properties: + database: + minLength: 1 + type: string + encryptionKeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + hosts: + items: + properties: + host: + minLength: 1 + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + required: + - host + type: object + minItems: 1 + type: array + maxIdleConnections: + default: 50 + format: int32 + minimum: 0 + type: integer + maxOpenConnections: + default: 1000 + format: int32 + minimum: 0 + type: integer + parameters: + additionalProperties: + type: string + type: object + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + username: + minLength: 1 + type: string + required: + - encryptionKeyRef + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + log: + properties: + level: + default: info + enum: + - debug + - info + - warning + - error + - panic + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - core + - database + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + cache: + properties: + cleanInterval: + default: 4h + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? + type: string + duration: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? + type: string + type: object + core: + properties: + url: + pattern: https?://.+ + type: string + required: + - url + type: object + database: + properties: + database: + minLength: 1 + type: string + encryptionKeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + hosts: + items: + properties: + host: + minLength: 1 + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + required: + - host + type: object + minItems: 1 + type: array + maxIdleConnections: + default: 50 + format: int32 + minimum: 0 + type: integer + maxOpenConnections: + default: 1000 + format: int32 + minimum: 0 + type: integer + parameters: + additionalProperties: + type: string + type: object + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + username: + minLength: 1 + type: string + required: + - encryptionKeyRef + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + jobservice: + properties: + redisPool: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + host: + minLength: 1 + type: string + idleTimeout: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + namespace: + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + type: object + log: + properties: + level: + default: info + enum: + - debug + - info + - warning + - error + - panic + type: string + type: object + network: + properties: + ipFamilies: + items: + type: string + type: array + type: object + nodeSelector: + additionalProperties: + type: string + type: object + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - core + - database + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: harborclusters.goharbor.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: {{ include "chart.fullname" . | quote }} + namespace: {{ .Release.Namespace }} + path: /convert + conversionReviewVersions: + - v1 + group: goharbor.io + names: + kind: HarborCluster + listKind: HarborClusterList + plural: harborclusters + singular: harborcluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The public URL to the Harbor application + jsonPath: .spec.externalURL + name: Public URL + type: string + - description: The version to the Harbor application + jsonPath: .spec.version + name: Version + type: string + - description: The overall status of the Harbor cluster + jsonPath: .status.status + name: Status + type: string + - description: 'The operator version ' + jsonPath: .status.operator.controllerVersion + name: Operator Version + priority: 30 + type: string + - description: The operator git commit + jsonPath: .status.operator.controllerGitCommit + name: Operator Git Commit + priority: 30 + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + chartmuseum: + properties: + absoluteUrl: + default: false + type: boolean + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + core: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tokenIssuer: + properties: + group: + type: string + kind: + type: string + name: + type: string + required: + - name + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + database: + properties: + hosts: + items: + properties: + host: + minLength: 1 + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + required: + - host + type: object + minItems: 1 + type: array + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + prefix: + type: string + sslMode: + enum: + - disable + - allow + - prefer + - require + - verify-ca + - verify-full + type: string + username: + minLength: 1 + type: string + required: + - hosts + type: object + exporter: + properties: + cache: + properties: + cleanInterval: + default: 4h + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? + type: string + duration: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? + type: string + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + expose: + properties: + core: + properties: + ingress: + properties: + annotations: + additionalProperties: + type: string + type: object + controller: + default: default + enum: + - default + - gce + - ncp + - contour + type: string + host: + type: string + required: + - host + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + notary: + properties: + ingress: + properties: + annotations: + additionalProperties: + type: string + type: object + controller: + default: default + enum: + - default + - gce + - ncp + - contour + type: string + host: + type: string + required: + - host + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + required: + - core + type: object + externalURL: + pattern: https?://.* + type: string + harborAdminPasswordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + imageChartStorage: + properties: + filesystem: + properties: + chartPersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + registryPersistentVolume: + properties: + claimName: + type: string + maxthreads: + default: 100 + format: int32 + minimum: 25 + type: integer + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + required: + - registryPersistentVolume + type: object + redirect: + properties: + disable: + default: false + type: boolean + type: object + s3: + properties: + accesskey: + type: string + bucket: + type: string + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + encrypt: + default: false + type: boolean + keyid: + type: string + region: + type: string + regionendpoint: + type: string + rootdirectory: + type: string + secretkeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + secure: + default: true + type: boolean + skipverify: + default: false + type: boolean + storageclass: + default: STANDARD + type: string + v4auth: + default: true + type: boolean + required: + - bucket + - region + type: object + swift: + properties: + accesskey: + type: string + authurl: + type: string + authversion: + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + container: + type: string + domain: + type: string + domainID: + type: string + endpointtype: + default: public + enum: + - public + - internal + - admin + type: string + insecureskipverify: + default: false + type: boolean + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + prefix: + type: string + region: + type: string + secretkeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + tenant: + type: string + tenantID: + type: string + trustid: + type: string + username: + type: string + required: + - authurl + - container + type: object + type: object + imageSource: + properties: + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + repository: + type: string + tagSuffix: + type: string + type: object + inClusterCache: + properties: + kind: + enum: + - Redis + type: string + redisSpec: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + sentinel: + properties: + replicas: + default: 1 + type: integer + type: object + server: + properties: + replicas: + default: 1 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + storage: + type: string + storageClassName: + type: string + type: object + type: object + required: + - kind + - redisSpec + type: object + inClusterDatabase: + properties: + kind: + enum: + - PostgresSQL + type: string + postgresSqlSpec: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + replicas: + minimum: 1 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + storage: + type: string + storageClassName: + type: string + type: object + required: + - kind + - postgresSqlSpec + type: object + inClusterStorage: + properties: + kind: + enum: + - MinIO + type: string + minIOSpec: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + mc: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + type: object + redirect: + properties: + enable: + default: true + type: boolean + expose: + properties: + ingress: + properties: + annotations: + additionalProperties: + type: string + type: object + controller: + default: default + enum: + - default + - gce + - ncp + - contour + type: string + host: + type: string + required: + - host + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + required: + - enable + type: object + replicas: + format: int32 + minimum: 1 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + volumeClaimTemplate: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + status: + properties: + accessModes: + items: + type: string + type: array + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + phase: + type: string + resizeStatus: + type: string + type: object + type: object + volumesPerServer: + format: int32 + minimum: 1 + type: integer + required: + - redirect + - replicas + - volumesPerServer + type: object + required: + - kind + type: object + internalTLS: + properties: + enabled: + default: false + type: boolean + type: object + jobservice: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + workerCount: + default: 10 + format: int32 + minimum: 1 + type: integer + type: object + logLevel: + default: info + enum: + - debug + - info + - warning + - error + - fatal + type: string + notary: + properties: + migrationEnabled: + default: true + type: boolean + server: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + signer: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + type: object + portal: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + proxy: + properties: + components: + default: + - core + - jobservice + - trivy + items: + type: string + type: array + httpProxy: + pattern: https?://.+ + type: string + httpsProxy: + pattern: https?://.+ + type: string + noProxy: + default: + - 127.0.0.1 + - localhost + - .local + - .internal + items: + type: string + type: array + type: object + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + host: + minLength: 1 + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + registry: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + relativeURLs: + default: true + type: boolean + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + storageMiddlewares: + items: + properties: + name: + type: string + optionsRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - name + type: object + type: array + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + registryctl: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + trivy: + properties: + certificateRefs: + items: + type: string + type: array + githubTokenRef: + type: string + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + skipUpdate: + default: false + type: boolean + storage: + properties: + cachePersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + reportsPersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - storage + type: object + updateStrategyType: + default: RollingUpdate + type: string + version: + pattern: '[0-9]+\.[0-9]+\.[0-9]+' + type: string + required: + - expose + - externalURL + - harborAdminPasswordRef + - version + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + revision: + format: int64 + type: integer + status: + type: string + required: + - revision + - status + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The public URL to the Harbor application + jsonPath: .spec.externalURL + name: Public URL + type: string + - description: The overall status of the Harbor cluster + jsonPath: .status.status + name: Status + type: string + - description: 'The operator version ' + jsonPath: .status.operator.controllerVersion + name: Operator Version + priority: 30 + type: string + - description: The operator git commit + jsonPath: .status.operator.controllerGitCommit + name: Operator Git Commit + priority: 30 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + cache: + properties: + kind: + enum: + - Redis + - RedisFailover + type: string + spec: + properties: + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + host: + minLength: 1 + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + redisFailover: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + operatorVersion: + type: string + sentinel: + properties: + replicas: + default: 1 + type: integer + type: object + server: + properties: + replicas: + default: 1 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + storage: + type: string + storageClassName: + type: string + type: object + required: + - operatorVersion + type: object + type: object + required: + - kind + - spec + type: object + chartmuseum: + properties: + absoluteUrl: + default: false + type: boolean + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + core: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tokenIssuer: + properties: + group: + type: string + kind: + type: string + name: + type: string + required: + - name + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - tokenIssuer + type: object + database: + properties: + kind: + enum: + - PostgreSQL + - Zlando/PostgreSQL + type: string + spec: + properties: + postgresql: + properties: + hosts: + items: + properties: + host: + minLength: 1 + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + required: + - host + type: object + minItems: 1 + type: array + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + prefix: + type: string + sslMode: + enum: + - disable + - allow + - prefer + - require + - verify-ca + - verify-full + type: string + username: + minLength: 1 + type: string + required: + - hosts + type: object + zlandoPostgreSql: + properties: + connectTimeout: + type: integer + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + operatorVersion: + type: string + replicas: + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + sslConfig: + type: string + storage: + type: string + storageClassName: + type: string + required: + - operatorVersion + type: object + type: object + required: + - kind + - spec + type: object + exporter: + properties: + cache: + properties: + cleanInterval: + default: 4h + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? + type: string + duration: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? + type: string + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + expose: + properties: + core: + properties: + ingress: + properties: + annotations: + additionalProperties: + type: string + type: object + controller: + default: default + enum: + - default + - gce + - ncp + - contour + type: string + host: + type: string + ingressClassName: + type: string + required: + - host + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + notary: + properties: + ingress: + properties: + annotations: + additionalProperties: + type: string + type: object + controller: + default: default + enum: + - default + - gce + - ncp + - contour + type: string + host: + type: string + ingressClassName: + type: string + required: + - host + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + required: + - core + type: object + externalURL: + pattern: https?://.* + type: string + harborAdminPasswordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + imageSource: + properties: + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + repository: + type: string + tagSuffix: + type: string + type: object + internalTLS: + properties: + enabled: + default: false + type: boolean + type: object + jobservice: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + storage: + properties: + scanDataExportsPersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + workerCount: + default: 10 + format: int32 + minimum: 1 + type: integer + type: object + logLevel: + default: info + enum: + - debug + - info + - warning + - error + - fatal + type: string + network: + properties: + ipFamilies: + items: + type: string + type: array + type: object + notary: + properties: + migrationEnabled: + default: true + type: boolean + server: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + signer: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + type: object + portal: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + proxy: + properties: + components: + default: + - core + - jobservice + - trivy + items: + type: string + type: array + httpProxy: + pattern: https?://.+ + type: string + httpsProxy: + pattern: https?://.+ + type: string + noProxy: + default: + - 127.0.0.1 + - localhost + - .local + - .internal + items: + type: string + type: array + type: object + registry: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + relativeURLs: + default: true + type: boolean + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + storageMiddlewares: + items: + properties: + name: + type: string + optionsRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - name + type: object + type: array + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + registryctl: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + storage: + properties: + kind: + enum: + - MinIO + - S3 + - Swift + - FileSystem + - Azure + - Gcs + - Oss + type: string + spec: + properties: + azure: + properties: + accountkeyRef: + type: string + accountname: + type: string + baseURL: + default: core.windows.net + type: string + container: + type: string + pathPrefix: + default: /azure/harbor/charts + type: string + type: object + fileSystem: + properties: + chartPersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + registryPersistentVolume: + properties: + claimName: + type: string + maxthreads: + default: 100 + format: int32 + minimum: 25 + type: integer + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + required: + - registryPersistentVolume + type: object + gcs: + properties: + bucket: + type: string + chunkSize: + type: string + keyDataRef: + type: string + pathPrefix: + type: string + type: object + minIO: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + mc: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + type: object + operatorVersion: + default: 4.0.6 + type: string + redirect: + properties: + enable: + default: true + type: boolean + expose: + properties: + ingress: + properties: + annotations: + additionalProperties: + type: string + type: object + controller: + default: default + enum: + - default + - gce + - ncp + - contour + type: string + host: + type: string + ingressClassName: + type: string + required: + - host + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + required: + - enable + type: object + replicas: + format: int32 + minimum: 1 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + volumeClaimTemplate: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + status: + properties: + accessModes: + items: + type: string + type: array + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + phase: + type: string + resizeStatus: + type: string + type: object + type: object + volumesPerServer: + format: int32 + minimum: 1 + type: integer + required: + - operatorVersion + - replicas + - volumesPerServer + type: object + oss: + properties: + accessKeyID: + type: string + accessSecretRef: + type: string + bucket: + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + encrypt: + default: false + type: boolean + endpoint: + type: string + internal: + default: false + type: boolean + pathPrefix: + type: string + region: + pattern: oss-.* + type: string + secure: + default: true + type: boolean + required: + - accessKeyID + - accessSecretRef + - bucket + - region + type: object + redirect: + properties: + enable: + default: true + type: boolean + expose: + properties: + ingress: + properties: + annotations: + additionalProperties: + type: string + type: object + controller: + default: default + enum: + - default + - gce + - ncp + - contour + type: string + host: + type: string + ingressClassName: + type: string + required: + - host + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + required: + - enable + type: object + s3: + properties: + accesskey: + type: string + bucket: + type: string + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + encrypt: + default: false + type: boolean + keyid: + type: string + multipartcopychunksize: + format: int64 + type: integer + multipartcopymaxconcurrency: + format: int64 + type: integer + multipartcopythresholdsize: + format: int64 + type: integer + region: + type: string + regionendpoint: + type: string + rootdirectory: + type: string + secretkeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + secure: + default: true + type: boolean + skipverify: + default: false + type: boolean + storageclass: + default: STANDARD + type: string + v4auth: + default: true + type: boolean + required: + - bucket + - region + type: object + swift: + properties: + accesskey: + type: string + authurl: + type: string + authversion: + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + container: + type: string + domain: + type: string + domainID: + type: string + endpointtype: + default: public + enum: + - public + - internal + - admin + type: string + insecureskipverify: + default: false + type: boolean + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + prefix: + type: string + region: + type: string + secretkeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + tenant: + type: string + tenantID: + type: string + trustid: + type: string + username: + type: string + required: + - authurl + - container + type: object + type: object + required: + - kind + - spec + type: object + trace: + properties: + attributes: + additionalProperties: + type: string + type: object + enabled: + default: false + type: boolean + jaeger: + properties: + agent: + properties: + host: + type: string + port: + type: integer + type: object + collector: + properties: + endpoint: + type: string + passwordRef: + type: string + username: + type: string + required: + - endpoint + type: object + mode: + enum: + - collector + - agent + type: string + required: + - mode + type: object + namespace: + type: string + otel: + properties: + compression: + type: boolean + endpoint: + type: string + insecure: + type: boolean + timeout: + default: 10s + type: string + urlPath: + type: string + required: + - endpoint + - urlPath + type: object + provider: + enum: + - jaeger + - otel + type: string + sampleRate: + default: 1 + type: integer + required: + - provider + type: object + trivy: + properties: + certificateRefs: + items: + type: string + type: array + githubTokenRef: + type: string + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + offlineScan: + default: false + type: boolean + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + skipUpdate: + default: false + type: boolean + storage: + properties: + cachePersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + reportsPersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - storage + type: object + updateStrategyType: + default: RollingUpdate + type: string + version: + pattern: '[0-9]+\.[0-9]+\.[0-9]+' + type: string + required: + - cache + - database + - expose + - externalURL + - harborAdminPasswordRef + - storage + - version + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + revision: + format: int64 + type: integer + status: + type: string + required: + - revision + - status + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: harborconfigurations.goharbor.io +spec: + group: goharbor.io + names: + categories: + - goharbor + kind: HarborConfiguration + listKind: HarborConfigurationList + plural: harborconfigurations + shortNames: + - hc + singular: harborconfiguration + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: HarborCluster name + jsonPath: .spec.harborClusterRef + name: HarborCluster + type: string + - description: HarborConfiguration status + jsonPath: .status.status + name: Status + type: string + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + configuration: + properties: + authMode: + type: string + emailFrom: + type: string + emailHost: + type: string + emailIdentity: + type: string + emailInsecure: + type: boolean + emailPassword: + type: string + emailPort: + type: integer + emailSsl: + type: boolean + emailUsername: + type: string + httpAuthproxyAdminGroups: + type: string + httpAuthproxyAdminUsernames: + type: string + httpAuthproxyEndpoint: + type: string + httpAuthproxyServerCertificate: + type: boolean + httpAuthproxySkipSearch: + type: boolean + httpAuthproxyTokenreviewEndpoint: + type: string + httpAuthproxyVerifyCert: + type: boolean + ldapBaseDn: + type: string + ldapFilter: + type: string + ldapGroupAdminDn: + type: string + ldapGroupAttributeName: + type: string + ldapGroupBaseDn: + type: string + ldapGroupMembershipAttribute: + type: string + ldapGroupSearchFilter: + type: string + ldapGroupSearchScope: + type: integer + ldapScope: + type: integer + ldapSearchDn: + type: string + ldapSearchPassword: + type: string + ldapTimeout: + type: integer + ldapUid: + type: string + ldapUrl: + type: string + ldapVerifyCert: + type: boolean + notificationEnable: + type: boolean + oidcAdminGroup: + type: string + oidcAutoOnboard: + type: boolean + oidcClientId: + type: string + oidcClientSecret: + type: string + oidcEndpoint: + type: string + oidcExtraRedirectParms: + type: string + oidcGroupsClaim: + type: string + oidcName: + type: string + oidcScope: + type: string + oidcUserClaim: + type: string + oidcVerifyCert: + type: boolean + projectCreationRestriction: + type: string + quotaPerProjectEnable: + type: boolean + readOnly: + type: boolean + robotNamePrefix: + type: string + robotTokenDuration: + type: integer + selfRegistration: + type: boolean + storagePerProject: + type: integer + tokenExpiration: + type: integer + uaaClientId: + type: string + uaaClientSecret: + type: string + uaaEndpoint: + type: string + uaaVerifyCert: + type: boolean + type: object + harborClusterRef: + type: string + type: object + status: + properties: + lastApplyTime: + format: date-time + type: string + lastConfiguration: + properties: + configuration: + properties: + authMode: + type: string + emailFrom: + type: string + emailHost: + type: string + emailIdentity: + type: string + emailInsecure: + type: boolean + emailPassword: + type: string + emailPort: + type: integer + emailSsl: + type: boolean + emailUsername: + type: string + httpAuthproxyAdminGroups: + type: string + httpAuthproxyAdminUsernames: + type: string + httpAuthproxyEndpoint: + type: string + httpAuthproxyServerCertificate: + type: boolean + httpAuthproxySkipSearch: + type: boolean + httpAuthproxyTokenreviewEndpoint: + type: string + httpAuthproxyVerifyCert: + type: boolean + ldapBaseDn: + type: string + ldapFilter: + type: string + ldapGroupAdminDn: + type: string + ldapGroupAttributeName: + type: string + ldapGroupBaseDn: + type: string + ldapGroupMembershipAttribute: + type: string + ldapGroupSearchFilter: + type: string + ldapGroupSearchScope: + type: integer + ldapScope: + type: integer + ldapSearchDn: + type: string + ldapSearchPassword: + type: string + ldapTimeout: + type: integer + ldapUid: + type: string + ldapUrl: + type: string + ldapVerifyCert: + type: boolean + notificationEnable: + type: boolean + oidcAdminGroup: + type: string + oidcAutoOnboard: + type: boolean + oidcClientId: + type: string + oidcClientSecret: + type: string + oidcEndpoint: + type: string + oidcExtraRedirectParms: + type: string + oidcGroupsClaim: + type: string + oidcName: + type: string + oidcScope: + type: string + oidcUserClaim: + type: string + oidcVerifyCert: + type: boolean + projectCreationRestriction: + type: string + quotaPerProjectEnable: + type: boolean + readOnly: + type: boolean + robotNamePrefix: + type: string + robotTokenDuration: + type: integer + selfRegistration: + type: boolean + storagePerProject: + type: integer + tokenExpiration: + type: integer + uaaClientId: + type: string + uaaClientSecret: + type: string + uaaEndpoint: + type: string + uaaVerifyCert: + type: boolean + type: object + harborClusterRef: + type: string + type: object + message: + type: string + reason: + type: string + status: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: harbors.goharbor.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: {{ include "chart.fullname" . | quote }} + namespace: {{ .Release.Namespace }} + path: /convert + conversionReviewVersions: + - v1 + group: goharbor.io + names: + categories: + - goharbor + kind: Harbor + listKind: HarborList + plural: harbors + shortNames: + - h + singular: harbor + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The public URL to the Harbor application + jsonPath: .spec.externalURL + name: Public URL + priority: 5 + type: string + - description: The version to the Harbor application + jsonPath: .spec.version + name: Version + priority: 5 + type: string + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + chartmuseum: + properties: + absoluteUrl: + default: false + type: boolean + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + core: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tokenIssuer: + properties: + group: + type: string + kind: + type: string + name: + type: string + required: + - name + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + database: + properties: + hosts: + items: + properties: + host: + minLength: 1 + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + required: + - host + type: object + minItems: 1 + type: array + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + prefix: + type: string + sslMode: + enum: + - disable + - allow + - prefer + - require + - verify-ca + - verify-full + type: string + username: + minLength: 1 + type: string + required: + - hosts + type: object + exporter: + properties: + cache: + properties: + cleanInterval: + default: 4h + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? + type: string + duration: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? + type: string + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + expose: + properties: + core: + properties: + ingress: + properties: + annotations: + additionalProperties: + type: string + type: object + controller: + default: default + enum: + - default + - gce + - ncp + - contour + type: string + host: + type: string + required: + - host + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + notary: + properties: + ingress: + properties: + annotations: + additionalProperties: + type: string + type: object + controller: + default: default + enum: + - default + - gce + - ncp + - contour + type: string + host: + type: string + required: + - host + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + required: + - core + type: object + externalURL: + pattern: https?://.* + type: string + harborAdminPasswordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + imageChartStorage: + properties: + filesystem: + properties: + chartPersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + registryPersistentVolume: + properties: + claimName: + type: string + maxthreads: + default: 100 + format: int32 + minimum: 25 + type: integer + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + required: + - registryPersistentVolume + type: object + redirect: + properties: + disable: + default: false + type: boolean + type: object + s3: + properties: + accesskey: + type: string + bucket: + type: string + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + encrypt: + default: false + type: boolean + keyid: + type: string + region: + type: string + regionendpoint: + type: string + rootdirectory: + type: string + secretkeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + secure: + default: true + type: boolean + skipverify: + default: false + type: boolean + storageclass: + default: STANDARD + type: string + v4auth: + default: true + type: boolean + required: + - bucket + - region + type: object + swift: + properties: + accesskey: + type: string + authurl: + type: string + authversion: + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + container: + type: string + domain: + type: string + domainID: + type: string + endpointtype: + default: public + enum: + - public + - internal + - admin + type: string + insecureskipverify: + default: false + type: boolean + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + prefix: + type: string + region: + type: string + secretkeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + tenant: + type: string + tenantID: + type: string + trustid: + type: string + username: + type: string + required: + - authurl + - container + type: object + type: object + imageSource: + properties: + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + repository: + type: string + tagSuffix: + type: string + type: object + internalTLS: + properties: + enabled: + default: false + type: boolean + type: object + jobservice: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + workerCount: + default: 10 + format: int32 + minimum: 1 + type: integer + type: object + logLevel: + default: info + enum: + - debug + - info + - warning + - error + - fatal + type: string + notary: + properties: + migrationEnabled: + default: true + type: boolean + server: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + signer: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + type: object + portal: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + proxy: + properties: + components: + default: + - core + - jobservice + - trivy + items: + type: string + type: array + httpProxy: + pattern: https?://.+ + type: string + httpsProxy: + pattern: https?://.+ + type: string + noProxy: + default: + - 127.0.0.1 + - localhost + - .local + - .internal + items: + type: string + type: array + type: object + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + host: + minLength: 1 + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + registry: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + relativeURLs: + default: true + type: boolean + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + storageMiddlewares: + items: + properties: + name: + type: string + optionsRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - name + type: object + type: array + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + registryctl: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + trivy: + properties: + certificateRefs: + items: + type: string + type: array + githubTokenRef: + type: string + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + skipUpdate: + default: false + type: boolean + storage: + properties: + cachePersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + reportsPersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - storage + type: object + updateStrategyType: + default: RollingUpdate + type: string + version: + pattern: '[0-9]+\.[0-9]+\.[0-9]+' + type: string + required: + - expose + - externalURL + - harborAdminPasswordRef + - version + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The public URL to the Harbor application + jsonPath: .spec.externalURL + name: Public URL + priority: 5 + type: string + - description: The version to the Harbor application + jsonPath: .spec.version + name: Version + priority: 5 + type: string + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + chartmuseum: + properties: + absoluteUrl: + default: false + type: boolean + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + core: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tokenIssuer: + properties: + group: + type: string + kind: + type: string + name: + type: string + required: + - name + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - tokenIssuer + type: object + database: + properties: + hosts: + items: + properties: + host: + minLength: 1 + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + required: + - host + type: object + minItems: 1 + type: array + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + prefix: + type: string + sslMode: + enum: + - disable + - allow + - prefer + - require + - verify-ca + - verify-full + type: string + username: + minLength: 1 + type: string + required: + - hosts + type: object + exporter: + properties: + cache: + properties: + cleanInterval: + default: 4h + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? + type: string + duration: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? + type: string + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + expose: + properties: + core: + properties: + ingress: + properties: + annotations: + additionalProperties: + type: string + type: object + controller: + default: default + enum: + - default + - gce + - ncp + - contour + type: string + host: + type: string + ingressClassName: + type: string + required: + - host + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + notary: + properties: + ingress: + properties: + annotations: + additionalProperties: + type: string + type: object + controller: + default: default + enum: + - default + - gce + - ncp + - contour + type: string + host: + type: string + ingressClassName: + type: string + required: + - host + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + required: + - core + type: object + externalURL: + pattern: https?://.* + type: string + harborAdminPasswordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + imageChartStorage: + properties: + azure: + properties: + accountkeyRef: + type: string + accountname: + type: string + baseURL: + default: core.windows.net + type: string + container: + type: string + pathPrefix: + default: /azure/harbor/charts + type: string + type: object + filesystem: + properties: + chartPersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + registryPersistentVolume: + properties: + claimName: + type: string + maxthreads: + default: 100 + format: int32 + minimum: 25 + type: integer + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + required: + - registryPersistentVolume + type: object + gcs: + properties: + bucket: + type: string + chunkSize: + type: string + keyDataRef: + type: string + pathPrefix: + type: string + type: object + oss: + properties: + accessKeyID: + type: string + accessSecretRef: + type: string + bucket: + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + encrypt: + default: false + type: boolean + endpoint: + type: string + internal: + default: false + type: boolean + pathPrefix: + type: string + region: + pattern: oss-.* + type: string + secure: + default: true + type: boolean + required: + - accessKeyID + - accessSecretRef + - bucket + - region + type: object + redirect: + properties: + disable: + default: false + type: boolean + type: object + s3: + properties: + accesskey: + type: string + bucket: + type: string + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + encrypt: + default: false + type: boolean + keyid: + type: string + multipartcopychunksize: + format: int64 + type: integer + multipartcopymaxconcurrency: + format: int64 + type: integer + multipartcopythresholdsize: + format: int64 + type: integer + region: + type: string + regionendpoint: + type: string + rootdirectory: + type: string + secretkeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + secure: + default: true + type: boolean + skipverify: + default: false + type: boolean + storageclass: + default: STANDARD + type: string + v4auth: + default: true + type: boolean + required: + - bucket + - region + type: object + swift: + properties: + accesskey: + type: string + authurl: + type: string + authversion: + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + container: + type: string + domain: + type: string + domainID: + type: string + endpointtype: + default: public + enum: + - public + - internal + - admin + type: string + insecureskipverify: + default: false + type: boolean + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + prefix: + type: string + region: + type: string + secretkeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + tenant: + type: string + tenantID: + type: string + trustid: + type: string + username: + type: string + required: + - authurl + - container + type: object + type: object + imageSource: + properties: + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + repository: + type: string + tagSuffix: + type: string + type: object + internalTLS: + properties: + enabled: + default: false + type: boolean + type: object + jobservice: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + storage: + properties: + scanDataExportsPersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + workerCount: + default: 10 + format: int32 + minimum: 1 + type: integer + type: object + logLevel: + default: info + enum: + - debug + - info + - warning + - error + - fatal + type: string + network: + properties: + ipFamilies: + items: + type: string + type: array + type: object + notary: + properties: + migrationEnabled: + default: true + type: boolean + server: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + signer: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + type: object + portal: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + proxy: + properties: + components: + default: + - core + - jobservice + - trivy + items: + type: string + type: array + httpProxy: + pattern: https?://.+ + type: string + httpsProxy: + pattern: https?://.+ + type: string + noProxy: + default: + - 127.0.0.1 + - localhost + - .local + - .internal + items: + type: string + type: array + type: object + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + host: + minLength: 1 + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + registry: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + relativeURLs: + default: true + type: boolean + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + storageMiddlewares: + items: + properties: + name: + type: string + optionsRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - name + type: object + type: array + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + registryctl: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + trace: + properties: + attributes: + additionalProperties: + type: string + type: object + enabled: + default: false + type: boolean + jaeger: + properties: + agent: + properties: + host: + type: string + port: + type: integer + type: object + collector: + properties: + endpoint: + type: string + passwordRef: + type: string + username: + type: string + required: + - endpoint + type: object + mode: + enum: + - collector + - agent + type: string + required: + - mode + type: object + namespace: + type: string + otel: + properties: + compression: + type: boolean + endpoint: + type: string + insecure: + type: boolean + timeout: + default: 10s + type: string + urlPath: + type: string + required: + - endpoint + - urlPath + type: object + provider: + enum: + - jaeger + - otel + type: string + sampleRate: + default: 1 + type: integer + required: + - provider + type: object + trivy: + properties: + certificateRefs: + items: + type: string + type: array + githubTokenRef: + type: string + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + nodeSelector: + additionalProperties: + type: string + type: object + offlineScan: + default: false + type: boolean + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + skipUpdate: + default: false + type: boolean + storage: + properties: + cachePersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + reportsPersistentVolume: + properties: + claimName: + type: string + prefix: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - storage + type: object + updateStrategyType: + default: RollingUpdate + type: string + version: + pattern: '[0-9]+\.[0-9]+\.[0-9]+' + type: string + required: + - database + - expose + - externalURL + - harborAdminPasswordRef + - imageChartStorage + - redis + - version + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: harborserverconfigurations.goharbor.io +spec: + group: goharbor.io + names: + categories: + - goharbor + kind: HarborServerConfiguration + listKind: HarborServerConfigurationList + plural: harborserverconfigurations + shortNames: + - hsc + singular: harborserverconfiguration + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The public URL to the Harbor server + jsonPath: .spec.serverURL + name: Harbor Server + type: string + - description: The status of the Harbor server + jsonPath: .status.status + name: Status + type: string + - description: The version of the Harbor server + jsonPath: .spec.version + name: Version + priority: 5 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + accessCredential: + properties: + accessSecretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + namespace: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - accessSecretRef + - namespace + type: object + default: + type: boolean + insecure: + type: boolean + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + rules: + items: + type: string + type: array + serverURL: + pattern: (?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$|^https?://(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)+([A-Za-z]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9]) + type: string + version: + pattern: (0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))? + type: string + required: + - accessCredential + - serverURL + - version + type: object + status: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: jobservices.goharbor.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: {{ include "chart.fullname" . | quote }} + namespace: {{ .Release.Namespace }} + path: /convert + conversionReviewVersions: + - v1 + group: goharbor.io + names: + categories: + - goharbor + kind: JobService + listKind: JobServiceList + plural: jobservices + singular: jobservice + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + certificateRefs: + items: + type: string + type: array + core: + properties: + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + url: + pattern: https?://.+ + type: string + required: + - secretRef + - url + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + jobLoggers: + default: + files: + - level: INFO + sweeper: 720h + volume: + emptyDir: + sizeLimit: 100Mi + stdout: + level: INFO + properties: + database: + properties: + level: + default: INFO + enum: + - DEBUG + - INFO + - WARNING + - ERROR + - FATAL + type: string + sweeper: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + files: + items: + properties: + level: + default: INFO + enum: + - DEBUG + - INFO + - WARNING + - ERROR + - FATAL + type: string + sweeper: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + volume: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + type: object + nullable: true + type: array + stdout: + properties: + level: + default: INFO + enum: + - DEBUG + - INFO + - WARNING + - ERROR + - FATAL + type: string + type: object + type: object + loggers: + default: + stdout: + level: INFO + properties: + database: + properties: + level: + default: INFO + enum: + - DEBUG + - INFO + - WARNING + - ERROR + - FATAL + type: string + sweeper: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + files: + items: + properties: + level: + default: INFO + enum: + - DEBUG + - INFO + - WARNING + - ERROR + - FATAL + type: string + sweeper: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + volume: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + type: object + nullable: true + type: array + stdout: + properties: + level: + default: INFO + enum: + - DEBUG + - INFO + - WARNING + - ERROR + - FATAL + type: string + type: object + type: object + nodeSelector: + additionalProperties: + type: string + type: object + proxy: + properties: + httpProxy: + pattern: https?://.+ + type: string + httpsProxy: + pattern: https?://.+ + type: string + noProxy: + default: + - 127.0.0.1 + - localhost + - .local + - .internal + items: + type: string + type: array + type: object + registry: + properties: + controllerURL: + pattern: https?://.+ + type: string + credentials: + properties: + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + username: + type: string + required: + - passwordRef + - username + type: object + url: + pattern: https?://.+ + type: string + required: + - controllerURL + - credentials + - url + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tokenService: + properties: + url: + pattern: https?://.+ + type: string + required: + - url + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + workerPool: + properties: + backend: + default: redis + enum: + - redis + minLength: 1 + type: string + redisPool: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + host: + minLength: 1 + type: string + idleTimeout: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + namespace: + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + workers: + default: 10 + format: int32 + minimum: 1 + type: integer + type: object + required: + - core + - registry + - secretRef + - tokenService + - workerPool + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + certificateRefs: + items: + type: string + type: array + core: + properties: + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + url: + pattern: https?://.+ + type: string + required: + - secretRef + - url + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + jobLoggers: + default: + files: + - level: INFO + sweeper: 720h + volume: + emptyDir: + sizeLimit: 100Mi + stdout: + level: INFO + properties: + database: + properties: + level: + default: INFO + enum: + - DEBUG + - INFO + - WARNING + - ERROR + - FATAL + type: string + sweeper: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + files: + items: + properties: + level: + default: INFO + enum: + - DEBUG + - INFO + - WARNING + - ERROR + - FATAL + type: string + sweeper: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + volume: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + type: object + nullable: true + type: array + stdout: + properties: + level: + default: INFO + enum: + - DEBUG + - INFO + - WARNING + - ERROR + - FATAL + type: string + type: object + type: object + loggers: + default: + stdout: + level: INFO + properties: + database: + properties: + level: + default: INFO + enum: + - DEBUG + - INFO + - WARNING + - ERROR + - FATAL + type: string + sweeper: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + files: + items: + properties: + level: + default: INFO + enum: + - DEBUG + - INFO + - WARNING + - ERROR + - FATAL + type: string + sweeper: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + volume: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + type: object + nullable: true + type: array + stdout: + properties: + level: + default: INFO + enum: + - DEBUG + - INFO + - WARNING + - ERROR + - FATAL + type: string + type: object + type: object + metrics: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + pattern: /.+ + type: string + port: + default: 8001 + format: int32 + minimum: 1 + type: integer + type: object + network: + properties: + ipFamilies: + items: + type: string + type: array + type: object + nodeSelector: + additionalProperties: + type: string + type: object + proxy: + properties: + httpProxy: + pattern: https?://.+ + type: string + httpsProxy: + pattern: https?://.+ + type: string + noProxy: + default: + - 127.0.0.1 + - localhost + - .local + - .internal + items: + type: string + type: array + type: object + registry: + properties: + controllerURL: + pattern: https?://.+ + type: string + credentials: + properties: + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + username: + type: string + required: + - passwordRef + - username + type: object + url: + pattern: https?://.+ + type: string + required: + - controllerURL + - credentials + - url + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + serviceAccountName: + type: string + storage: + properties: + scanDataExports: + properties: + prefix: + type: string + volumeSource: + default: + emptyDir: + sizeLimit: 1Gi + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + type: object + required: + - scanDataExports + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tokenService: + properties: + url: + pattern: https?://.+ + type: string + required: + - url + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + trace: + properties: + attributes: + additionalProperties: + type: string + type: object + enabled: + default: false + type: boolean + jaeger: + properties: + agent: + properties: + host: + type: string + port: + type: integer + type: object + collector: + properties: + endpoint: + type: string + passwordRef: + type: string + username: + type: string + required: + - endpoint + type: object + mode: + enum: + - collector + - agent + type: string + required: + - mode + type: object + namespace: + type: string + otel: + properties: + compression: + type: boolean + endpoint: + type: string + insecure: + type: boolean + timeout: + default: 10s + type: string + urlPath: + type: string + required: + - endpoint + - urlPath + type: object + provider: + enum: + - jaeger + - otel + type: string + sampleRate: + default: 1 + type: integer + required: + - provider + type: object + updateStrategyType: + default: RollingUpdate + type: string + workerPool: + properties: + backend: + default: redis + enum: + - redis + minLength: 1 + type: string + redisPool: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + host: + minLength: 1 + type: string + idleTimeout: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + namespace: + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + workers: + default: 10 + format: int32 + minimum: 1 + type: integer + type: object + required: + - core + - registry + - secretRef + - tokenService + - workerPool + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: notaryservers.goharbor.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: {{ include "chart.fullname" . | quote }} + namespace: {{ .Release.Namespace }} + path: /convert + conversionReviewVersions: + - v1 + group: goharbor.io + names: + categories: + - goharbor + kind: NotaryServer + listKind: NotaryServerList + plural: notaryservers + singular: notaryserver + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authentication: + properties: + token: + properties: + autoredirect: + default: true + type: boolean + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + issuer: + type: string + realm: + type: string + service: + type: string + required: + - certificateRef + - issuer + - realm + - service + type: object + required: + - token + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + logging: + properties: + level: + default: info + enum: + - debug + - info + - warning + - error + - fatal + - panic + type: string + type: object + migrationEnabled: + type: boolean + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + storage: + properties: + postgres: + properties: + database: + minLength: 1 + type: string + hosts: + items: + properties: + host: + minLength: 1 + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + required: + - host + type: object + minItems: 1 + type: array + parameters: + additionalProperties: + type: string + type: object + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + username: + minLength: 1 + type: string + type: object + required: + - postgres + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + trustService: + properties: + remote: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + host: + type: string + keyAlgorithm: + default: ecdsa + enum: + - ecdsa + - rsa + - ed25519 + type: string + port: + default: 443 + exclusiveMinimum: true + format: int64 + minimum: 0 + type: integer + required: + - host + type: object + type: object + required: + - trustService + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authentication: + properties: + token: + properties: + autoredirect: + default: true + type: boolean + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + issuer: + type: string + realm: + type: string + service: + type: string + required: + - certificateRef + - issuer + - realm + - service + type: object + required: + - token + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + logging: + properties: + level: + default: info + enum: + - debug + - info + - warning + - error + - fatal + - panic + type: string + type: object + migrationEnabled: + type: boolean + network: + properties: + ipFamilies: + items: + type: string + type: array + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + storage: + properties: + postgres: + properties: + database: + minLength: 1 + type: string + hosts: + items: + properties: + host: + minLength: 1 + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + required: + - host + type: object + minItems: 1 + type: array + parameters: + additionalProperties: + type: string + type: object + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + username: + minLength: 1 + type: string + type: object + required: + - postgres + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + trustService: + properties: + remote: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + host: + type: string + keyAlgorithm: + default: ecdsa + enum: + - ecdsa + - rsa + - ed25519 + type: string + port: + default: 443 + exclusiveMinimum: true + format: int64 + minimum: 0 + type: integer + required: + - host + type: object + type: object + required: + - trustService + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: notarysigners.goharbor.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: {{ include "chart.fullname" . | quote }} + namespace: {{ .Release.Namespace }} + path: /convert + conversionReviewVersions: + - v1 + group: goharbor.io + names: + categories: + - goharbor + kind: NotarySigner + listKind: NotarySignerList + plural: notarysigners + singular: notarysigner + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authentatication: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - certificateRef + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + logging: + properties: + level: + default: info + enum: + - debug + - info + - warning + - error + - fatal + - panic + type: string + type: object + migrationEnabled: + type: boolean + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + storage: + properties: + aliasesRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + postgres: + properties: + database: + minLength: 1 + type: string + hosts: + items: + properties: + host: + minLength: 1 + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + required: + - host + type: object + minItems: 1 + type: array + parameters: + additionalProperties: + type: string + type: object + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + username: + minLength: 1 + type: string + type: object + required: + - aliasesRef + - postgres + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - authentatication + - storage + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authentatication: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - certificateRef + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + logging: + properties: + level: + default: info + enum: + - debug + - info + - warning + - error + - fatal + - panic + type: string + type: object + migrationEnabled: + type: boolean + network: + properties: + ipFamilies: + items: + type: string + type: array + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + storage: + properties: + aliasesRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + postgres: + properties: + database: + minLength: 1 + type: string + hosts: + items: + properties: + host: + minLength: 1 + type: string + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + required: + - host + type: object + minItems: 1 + type: array + parameters: + additionalProperties: + type: string + type: object + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + username: + minLength: 1 + type: string + type: object + required: + - aliasesRef + - postgres + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - authentatication + - storage + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: portals.goharbor.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: {{ include "chart.fullname" . | quote }} + namespace: {{ .Release.Namespace }} + path: /convert + conversionReviewVersions: + - v1 + group: goharbor.io + names: + categories: + - goharbor + kind: Portal + listKind: PortalList + plural: portals + singular: portal + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + maxConnections: + default: 1024 + format: int32 + minimum: 0 + type: integer + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + maxConnections: + default: 1024 + format: int32 + minimum: 0 + type: integer + network: + properties: + ipFamilies: + items: + type: string + type: array + type: object + nodeSelector: + additionalProperties: + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: pullsecretbindings.goharbor.io +spec: + group: goharbor.io + names: + categories: + - goharbor + kind: PullSecretBinding + listKind: PullSecretBindingList + plural: pullsecretbindings + shortNames: + - psb + singular: pullsecretbinding + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Harbor server configuration CR reference + jsonPath: .spec.harborServerConfig + name: Harbor Server + type: string + - description: The service account binding the pull secret + jsonPath: .spec.serviceAccount + name: Service Account + type: string + - description: The status of the Harbor server + jsonPath: .status.status + name: Status + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + harborServerConfig: + type: string + projectId: + type: string + robotId: + type: string + serviceAccount: + type: string + required: + - harborServerConfig + - projectId + - robotId + - serviceAccount + type: object + status: + properties: + message: + type: string + reason: + type: string + status: + type: string + required: + - status + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: registries.goharbor.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: {{ include "chart.fullname" . | quote }} + namespace: {{ .Release.Namespace }} + path: /convert + conversionReviewVersions: + - v1 + group: goharbor.io + names: + categories: + - goharbor + kind: Registry + listKind: RegistryList + plural: registries + singular: registry + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authentication: + properties: + htPasswd: + properties: + realm: + type: string + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - realm + - secretRef + type: object + silly: + properties: + realm: + type: string + service: + type: string + required: + - realm + - service + type: object + token: + properties: + autoredirect: + type: boolean + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + issuer: + type: string + realm: + type: string + service: + type: string + required: + - certificateRef + - issuer + - realm + - service + type: object + type: object + certificateRefs: + items: + type: string + type: array + compatibility: + properties: + schema1: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + enabled: + default: false + type: boolean + type: object + type: object + health: + properties: + file: + items: + properties: + interval: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + path: + type: string + required: + - path + type: object + type: array + http: + items: + properties: + headers: + additionalProperties: + items: + type: string + type: array + type: object + interval: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + statuscode: + default: 200 + format: int32 + minimum: 0 + type: integer + threshold: + default: 3 + format: int32 + minimum: 0 + type: integer + timeout: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + uri: + pattern: https?://.+ + type: string + required: + - uri + type: object + type: array + storageDriver: + properties: + enabled: + default: true + type: boolean + interval: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + threshold: + default: 3 + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + type: object + tcp: + items: + properties: + address: + type: string + interval: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + threshold: + default: 3 + format: int32 + minimum: 0 + type: integer + timeout: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + required: + - address + type: object + type: array + type: object + http: + properties: + debug: + properties: + port: + default: 5001 + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + prometheus: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + type: string + type: object + type: object + drainTimeout: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + headers: + additionalProperties: + items: + type: string + type: array + default: + X-Content-Type-Options: + - nosniff + type: object + host: + type: string + http2: + properties: + disabled: + default: false + type: boolean + type: object + net: + default: tcp + enum: + - unix + - tcp + type: string + prefix: + pattern: (/(.+/)?)? + type: string + relativeURLs: + default: true + type: boolean + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + log: + default: + formatter: text + level: info + properties: + accessLog: + properties: + disabled: + default: false + type: boolean + type: object + fields: + additionalProperties: + type: string + type: object + formatter: + default: text + enum: + - text + - json + - logstash + type: string + hooks: + items: + properties: + levels: + items: + type: string + type: array + optionsRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: + type: string + required: + - levels + - optionsRef + - type + type: object + type: array + level: + default: info + enum: + - debug + - info + - warning + - error + type: string + type: object + middlewares: + properties: + registry: + items: + properties: + name: + type: string + optionsRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - name + type: object + type: array + repository: + items: + properties: + name: + type: string + optionsRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - name + type: object + type: array + storage: + items: + properties: + name: + type: string + optionsRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - name + type: object + type: array + type: object + nodeSelector: + additionalProperties: + type: string + type: object + notifications: + default: {} + properties: + endpoints: + items: + properties: + backoff: + default: 10s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + disabled: + default: false + type: boolean + headers: + additionalProperties: + items: + type: string + type: array + type: object + ignore: + properties: + actions: + items: + type: string + type: array + mediaTypes: + items: + type: string + type: array + type: object + ignoredMediaTypes: + items: + type: string + type: array + name: + type: string + threshold: + default: 3 + format: int32 + minimum: 0 + type: integer + timeout: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + url: + pattern: https?://.+ + type: string + required: + - name + - url + type: object + type: array + events: + default: {} + properties: + includeReferences: + default: true + type: boolean + type: object + type: object + proxy: + properties: + httpProxy: + pattern: https?://.+ + type: string + httpsProxy: + pattern: https?://.+ + type: string + noProxy: + default: + - 127.0.0.1 + - localhost + - .local + - .internal + items: + type: string + type: array + type: object + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + dialTimeout: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + host: + minLength: 1 + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + pool: + properties: + idleTimeout: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + maxActive: + default: 5 + format: int32 + minimum: 0 + type: integer + maxIdle: + default: 3 + format: int32 + minimum: 0 + type: integer + type: object + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + readTimeout: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + sentinelMasterSet: + type: string + writeTimeout: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + required: + - host + type: object + replicas: + format: int32 + minimum: 0 + type: integer + reporting: + additionalProperties: + type: string + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + storage: + properties: + cache: + properties: + blobdescriptor: + enum: + - inmemory + - redis + type: string + type: object + delete: + properties: + enabled: + default: true + type: boolean + type: object + driver: + properties: + filesystem: + properties: + maxthreads: + default: 100 + format: int32 + minimum: 25 + type: integer + prefix: + type: string + volumeSource: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + required: + - volumeSource + type: object + inmemory: + type: object + s3: + properties: + accesskey: + type: string + bucket: + type: string + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + encrypt: + default: false + type: boolean + keyid: + type: string + region: + type: string + regionendpoint: + type: string + rootdirectory: + type: string + secretkeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + secure: + default: true + type: boolean + skipverify: + default: false + type: boolean + storageclass: + default: STANDARD + type: string + v4auth: + default: true + type: boolean + required: + - bucket + - region + type: object + swift: + properties: + accesskey: + type: string + authurl: + type: string + authversion: + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + container: + type: string + domain: + type: string + domainID: + type: string + endpointtype: + default: public + enum: + - public + - internal + - admin + type: string + insecureskipverify: + default: false + type: boolean + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + prefix: + type: string + region: + type: string + secretkeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + tenant: + type: string + tenantID: + type: string + trustid: + type: string + username: + type: string + required: + - authurl + - container + type: object + type: object + maintenance: + properties: + readOnly: + properties: + enabled: + default: false + type: boolean + type: object + uploadPurging: + properties: + age: + default: 168h + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + dryRun: + default: false + type: boolean + enabled: + default: false + type: boolean + interval: + default: 24h + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + type: object + redirect: + properties: + disable: + default: false + type: boolean + type: object + required: + - driver + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + validation: + properties: + disabled: + type: boolean + manifests: + properties: + urls: + properties: + allow: + items: + type: string + type: array + deny: + items: + type: string + type: array + type: object + type: object + type: object + required: + - storage + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + required: + - metadata + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authentication: + properties: + htPasswd: + properties: + realm: + type: string + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - realm + - secretRef + type: object + silly: + properties: + realm: + type: string + service: + type: string + required: + - realm + - service + type: object + token: + properties: + autoredirect: + type: boolean + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + issuer: + type: string + realm: + type: string + service: + type: string + required: + - certificateRef + - issuer + - realm + - service + type: object + type: object + certificateRefs: + items: + type: string + type: array + compatibility: + properties: + schema1: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + enabled: + default: false + type: boolean + type: object + type: object + health: + properties: + file: + items: + properties: + interval: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + path: + type: string + required: + - path + type: object + type: array + http: + items: + properties: + headers: + additionalProperties: + items: + type: string + type: array + type: object + interval: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + statuscode: + default: 200 + format: int32 + minimum: 0 + type: integer + threshold: + default: 3 + format: int32 + minimum: 0 + type: integer + timeout: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + uri: + pattern: https?://.+ + type: string + required: + - uri + type: object + type: array + storageDriver: + properties: + enabled: + default: true + type: boolean + interval: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + threshold: + default: 3 + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + type: object + tcp: + items: + properties: + address: + type: string + interval: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + threshold: + default: 3 + format: int32 + minimum: 0 + type: integer + timeout: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + required: + - address + type: object + type: array + type: object + http: + properties: + debug: + properties: + port: + default: 5001 + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + prometheus: + properties: + enabled: + default: false + type: boolean + path: + default: /metrics + type: string + type: object + type: object + drainTimeout: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + headers: + additionalProperties: + items: + type: string + type: array + default: + X-Content-Type-Options: + - nosniff + type: object + host: + type: string + http2: + properties: + disabled: + default: false + type: boolean + type: object + net: + default: tcp + enum: + - unix + - tcp + type: string + prefix: + pattern: (/(.+/)?)? + type: string + relativeURLs: + default: true + type: boolean + secretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + log: + default: + formatter: text + level: info + properties: + accessLog: + properties: + disabled: + default: false + type: boolean + type: object + fields: + additionalProperties: + type: string + type: object + formatter: + default: text + enum: + - text + - json + - logstash + type: string + hooks: + items: + properties: + levels: + items: + type: string + type: array + optionsRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: + type: string + required: + - levels + - optionsRef + - type + type: object + type: array + level: + default: info + enum: + - debug + - info + - warning + - error + type: string + type: object + middlewares: + properties: + registry: + items: + properties: + name: + type: string + optionsRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - name + type: object + type: array + repository: + items: + properties: + name: + type: string + optionsRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - name + type: object + type: array + storage: + items: + properties: + name: + type: string + optionsRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + required: + - name + type: object + type: array + type: object + network: + properties: + ipFamilies: + items: + type: string + type: array + type: object + nodeSelector: + additionalProperties: + type: string + type: object + notifications: + default: {} + properties: + endpoints: + items: + properties: + backoff: + default: 10s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + disabled: + default: false + type: boolean + headers: + additionalProperties: + items: + type: string + type: array + type: object + ignore: + properties: + actions: + items: + type: string + type: array + mediaTypes: + items: + type: string + type: array + type: object + ignoredMediaTypes: + items: + type: string + type: array + name: + type: string + threshold: + default: 3 + format: int32 + minimum: 0 + type: integer + timeout: + default: 5s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + url: + pattern: https?://.+ + type: string + required: + - name + - url + type: object + type: array + events: + default: {} + properties: + includeReferences: + default: true + type: boolean + type: object + type: object + proxy: + properties: + httpProxy: + pattern: https?://.+ + type: string + httpsProxy: + pattern: https?://.+ + type: string + noProxy: + default: + - 127.0.0.1 + - localhost + - .local + - .internal + items: + type: string + type: array + type: object + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + dialTimeout: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + host: + minLength: 1 + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + pool: + properties: + idleTimeout: + default: 30s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + maxActive: + default: 5 + format: int32 + minimum: 0 + type: integer + maxIdle: + default: 3 + format: int32 + minimum: 0 + type: integer + type: object + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + readTimeout: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + sentinelMasterSet: + type: string + writeTimeout: + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + required: + - host + type: object + replicas: + format: int32 + minimum: 0 + type: integer + reporting: + additionalProperties: + type: string + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + storage: + properties: + cache: + properties: + blobdescriptor: + enum: + - inmemory + - redis + type: string + type: object + delete: + properties: + enabled: + default: true + type: boolean + type: object + driver: + properties: + azure: + properties: + accountkeyRef: + type: string + accountname: + type: string + baseURL: + default: core.windows.net + type: string + container: + type: string + pathPrefix: + default: /azure/harbor/charts + type: string + type: object + filesystem: + properties: + maxthreads: + default: 100 + format: int32 + minimum: 25 + type: integer + prefix: + type: string + volumeSource: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + required: + - volumeSource + type: object + gcs: + properties: + bucket: + type: string + chunkSize: + type: string + keyDataRef: + type: string + pathPrefix: + type: string + type: object + inmemory: + type: object + oss: + properties: + accessKeyID: + type: string + accessSecretRef: + type: string + bucket: + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + encrypt: + default: false + type: boolean + endpoint: + type: string + internal: + default: false + type: boolean + pathPrefix: + type: string + region: + pattern: oss-.* + type: string + secure: + default: true + type: boolean + required: + - accessKeyID + - accessSecretRef + - bucket + - region + type: object + s3: + properties: + accesskey: + type: string + bucket: + type: string + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + encrypt: + default: false + type: boolean + keyid: + type: string + multipartcopychunksize: + format: int64 + type: integer + multipartcopymaxconcurrency: + format: int64 + type: integer + multipartcopythresholdsize: + format: int64 + type: integer + region: + type: string + regionendpoint: + type: string + rootdirectory: + type: string + secretkeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + secure: + default: true + type: boolean + skipverify: + default: false + type: boolean + storageclass: + default: STANDARD + type: string + v4auth: + default: true + type: boolean + required: + - bucket + - region + type: object + swift: + properties: + accesskey: + type: string + authurl: + type: string + authversion: + type: string + chunksize: + format: int64 + minimum: 5242880 + type: integer + container: + type: string + domain: + type: string + domainID: + type: string + endpointtype: + default: public + enum: + - public + - internal + - admin + type: string + insecureskipverify: + default: false + type: boolean + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + prefix: + type: string + region: + type: string + secretkeyRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + tenant: + type: string + tenantID: + type: string + trustid: + type: string + username: + type: string + required: + - authurl + - container + type: object + type: object + maintenance: + properties: + readOnly: + properties: + enabled: + default: false + type: boolean + type: object + uploadPurging: + properties: + age: + default: 168h + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + dryRun: + default: false + type: boolean + enabled: + default: false + type: boolean + interval: + default: 24h + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + type: object + redirect: + properties: + disable: + default: false + type: boolean + type: object + required: + - driver + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + trace: + properties: + attributes: + additionalProperties: + type: string + type: object + enabled: + default: false + type: boolean + jaeger: + properties: + agent: + properties: + host: + type: string + port: + type: integer + type: object + collector: + properties: + endpoint: + type: string + passwordRef: + type: string + username: + type: string + required: + - endpoint + type: object + mode: + enum: + - collector + - agent + type: string + required: + - mode + type: object + namespace: + type: string + otel: + properties: + compression: + type: boolean + endpoint: + type: string + insecure: + type: boolean + timeout: + default: 10s + type: string + urlPath: + type: string + required: + - endpoint + - urlPath + type: object + provider: + enum: + - jaeger + - otel + type: string + sampleRate: + default: 1 + type: integer + required: + - provider + type: object + updateStrategyType: + default: RollingUpdate + type: string + validation: + properties: + disabled: + type: boolean + manifests: + properties: + urls: + properties: + allow: + items: + type: string + type: array + deny: + items: + type: string + type: array + type: object + type: object + type: object + required: + - storage + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + required: + - metadata + type: object + served: true + storage: true + subresources: + scale: + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: registrycontrollers.goharbor.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: {{ include "chart.fullname" . | quote }} + namespace: {{ .Release.Namespace }} + path: /convert + conversionReviewVersions: + - v1 + group: goharbor.io + names: + categories: + - goharbor + kind: RegistryController + listKind: RegistryControllerList + plural: registrycontrollers + singular: registrycontroller + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authentication: + properties: + coreSecretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + jobServiceSecretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + log: + properties: + level: + default: info + enum: + - debug + - info + - warning + - error + - fatal + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + registryRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - authentication + - registryRef + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + authentication: + properties: + coreSecretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + jobServiceSecretRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + log: + properties: + level: + default: info + enum: + - debug + - info + - warning + - error + - fatal + type: string + type: object + network: + properties: + ipFamilies: + items: + type: string + type: array + type: object + nodeSelector: + additionalProperties: + type: string + type: object + registryRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + serviceAccountName: + type: string + templateAnnotations: + additionalProperties: + type: string + type: object + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + required: + - authentication + - registryRef + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: '{{.Release.Namespace}}/{{. | include "chart.fullname"}}-serving-cert' + controller-gen.kubebuilder.io/version: v0.14.0 + name: trivies.goharbor.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: {{ include "chart.fullname" . | quote }} + namespace: {{ .Release.Namespace }} + path: /convert + conversionReviewVersions: + - v1 + group: goharbor.io + names: + categories: + - goharbor + kind: Trivy + listKind: TrivyList + plural: trivies + singular: trivy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + log: + default: + level: info + properties: + level: + default: info + enum: + - debug + - info + - warning + - error + - fatal + - panic + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + proxy: + properties: + httpProxy: + pattern: https?://.+ + type: string + httpsProxy: + pattern: https?://.+ + type: string + noProxy: + default: + - 127.0.0.1 + - localhost + - .local + - .internal + items: + type: string + type: array + type: object + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + host: + minLength: 1 + type: string + jobs: + properties: + Namespace: + default: harbor.scanner.trivy:job-queue + type: string + scanTTL: + default: 1h + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + namespace: + default: harbor.scanner.trivy:store + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + pool: + properties: + connectionTimeout: + default: 1s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + idleTimeout: + default: 5m + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + maxActive: + default: 5 + minimum: 0 + type: integer + maxIdle: + default: 5 + minimum: 0 + type: integer + readTimeout: + default: 1s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + writeTimeout: + default: 1s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + server: + properties: + clientCertificateAuthorityRefs: + items: + type: string + type: array + debugMode: + default: false + type: boolean + idleTimeout: + default: 60s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + ignoreUnfixed: + default: false + type: boolean + insecure: + default: false + type: boolean + proxy: + properties: + URL: + pattern: https?://.+ + type: string + noProxy: + items: + type: string + type: array + required: + - URL + type: object + readTimeout: + default: 15s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tokenServiceCertificateAuthorityRefs: + items: + type: string + type: array + writeTimeout: + default: 15s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + serviceAccountName: + type: string + severities: + default: + - UNKNOWN + - LOW + - MEDIUM + - HIGH + - CRITICAL + items: + enum: + - UNKNOWN + - LOW + - MEDIUM + - HIGH + - CRITICAL + type: string + type: array + storage: + properties: + cache: + properties: + prefix: + type: string + volumeSource: + default: + emptyDir: + sizeLimit: 1Gi + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + type: object + reports: + properties: + prefix: + type: string + volumeSource: + default: + emptyDir: + sizeLimit: 1Gi + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + type: object + required: + - cache + - reports + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + update: + properties: + githubTokenRef: + type: string + skip: + default: false + type: boolean + type: object + vulnerabilityTypes: + default: + - os + - library + items: + enum: + - os + - library + type: string + type: array + required: + - server + - storage + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Timestamp representing the server time when this object was created. + It is not guaranteed to be set in happens-before order across separate operations. + Clients may not set this value. It is represented in RFC3339 form and is in + UTC. + jsonPath: .metadata.creationTimestamp + name: Age + priority: 1 + type: date + - description: Human readable message describing the failure + jsonPath: .status.conditions[?(@.type=="Failed")].message + name: Failure + priority: 5 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + certificateRefs: + items: + type: string + type: array + image: + type: string + imagePullPolicy: + enum: + - Always + - Never + - IfNotPresent + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + type: array + log: + default: + level: info + properties: + level: + default: info + enum: + - debug + - info + - warning + - error + - fatal + - panic + type: string + type: object + network: + properties: + ipFamilies: + items: + type: string + type: array + type: object + nodeSelector: + additionalProperties: + type: string + type: object + offlineScan: + default: false + type: boolean + proxy: + properties: + httpProxy: + pattern: https?://.+ + type: string + httpsProxy: + pattern: https?://.+ + type: string + noProxy: + default: + - 127.0.0.1 + - localhost + - .local + - .internal + items: + type: string + type: array + type: object + redis: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + database: + default: 0 + format: int32 + maximum: 8 + minimum: 0 + type: integer + host: + minLength: 1 + type: string + jobs: + properties: + Namespace: + default: harbor.scanner.trivy:job-queue + type: string + scanTTL: + default: 1h + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + namespace: + default: harbor.scanner.trivy:store + type: string + passwordRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + pool: + properties: + connectionTimeout: + default: 1s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + idleTimeout: + default: 5m + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + maxActive: + default: 5 + minimum: 0 + type: integer + maxIdle: + default: 5 + minimum: 0 + type: integer + readTimeout: + default: 1s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + writeTimeout: + default: 1s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + port: + exclusiveMinimum: true + format: int32 + minimum: 0 + type: integer + sentinelMasterSet: + type: string + required: + - host + type: object + replicas: + format: int32 + minimum: 0 + type: integer + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + server: + properties: + clientCertificateAuthorityRefs: + items: + type: string + type: array + debugMode: + default: false + type: boolean + idleTimeout: + default: 60s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + ignoreUnfixed: + default: false + type: boolean + insecure: + default: false + type: boolean + proxy: + properties: + URL: + pattern: https?://.+ + type: string + noProxy: + items: + type: string + type: array + required: + - URL + type: object + readTimeout: + default: 15s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + tls: + properties: + certificateRef: + pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' + type: string + type: object + tokenServiceCertificateAuthorityRefs: + items: + type: string + type: array + writeTimeout: + default: 15s + pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? + type: string + type: object + serviceAccountName: + type: string + severities: + default: + - UNKNOWN + - LOW + - MEDIUM + - HIGH + - CRITICAL + items: + enum: + - UNKNOWN + - LOW + - MEDIUM + - HIGH + - CRITICAL + type: string + type: array + storage: + properties: + cache: + properties: + prefix: + type: string + volumeSource: + default: + emptyDir: + sizeLimit: 1Gi + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + type: object + reports: + properties: + prefix: + type: string + volumeSource: + default: + emptyDir: + sizeLimit: 1Gi + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + required: + - kind + - name + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + type: object + type: object + required: + - cache + - reports + type: object + templateAnnotations: + additionalProperties: + type: string + type: object + timeout: + default: 5m0s + type: string + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + update: + properties: + githubTokenRef: + type: string + skip: + default: false + type: boolean + type: object + vulnerabilityTypes: + default: + - os + - library + items: + enum: + - os + - library + type: string + type: array + required: + - server + - storage + type: object + status: + properties: + conditions: + items: + properties: + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + format: int64 + type: integer + operator: + properties: + controllerGitCommit: + minLength: 1 + type: string + controllerName: + minLength: 1 + type: string + controllerVersion: + minLength: 1 + type: string + type: object + replicas: + format: int32 + minimum: 0 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +{{- end -}} diff --git a/controllers/goharbor/chartmuseum/chartmuseum.go b/controllers/goharbor/chartmuseum/chartmuseum.go index d90bbe66e..99517b7a5 100644 --- a/controllers/goharbor/chartmuseum/chartmuseum.go +++ b/controllers/goharbor/chartmuseum/chartmuseum.go @@ -4,11 +4,11 @@ import ( "context" "time" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/config/template" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/event-filter/class" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config/template" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/event-filter/class" "github.com/ovh/configstore" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" diff --git a/controllers/goharbor/chartmuseum/chartmuseum_test.go b/controllers/goharbor/chartmuseum/chartmuseum_test.go index b63b87721..81f023d90 100644 --- a/controllers/goharbor/chartmuseum/chartmuseum_test.go +++ b/controllers/goharbor/chartmuseum/chartmuseum_test.go @@ -9,10 +9,10 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/pods" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/pods" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" diff --git a/controllers/goharbor/chartmuseum/configs.go b/controllers/goharbor/chartmuseum/configs.go index 901eb4896..5ecf5a377 100644 --- a/controllers/goharbor/chartmuseum/configs.go +++ b/controllers/goharbor/chartmuseum/configs.go @@ -5,9 +5,9 @@ import ( "crypto/sha256" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - conftemplate "github.com/goharbor/harbor-operator/pkg/config/template" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + conftemplate "github.com/plotly/harbor-operator/pkg/config/template" + "github.com/plotly/harbor-operator/pkg/resources/checksum" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/chartmuseum/deployments.go b/controllers/goharbor/chartmuseum/deployments.go index 05b809213..2c334de29 100644 --- a/controllers/goharbor/chartmuseum/deployments.go +++ b/controllers/goharbor/chartmuseum/deployments.go @@ -6,11 +6,11 @@ import ( "strings" "time" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/image" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/image" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/chartmuseum/networkpolicies.go b/controllers/goharbor/chartmuseum/networkpolicies.go index c03ac7101..5d012f798 100644 --- a/controllers/goharbor/chartmuseum/networkpolicies.go +++ b/controllers/goharbor/chartmuseum/networkpolicies.go @@ -3,9 +3,9 @@ package chartmuseum import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/pkg/errors" netv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/chartmuseum/resources.go b/controllers/goharbor/chartmuseum/resources.go index 22e50eb59..b18811a38 100644 --- a/controllers/goharbor/chartmuseum/resources.go +++ b/controllers/goharbor/chartmuseum/resources.go @@ -3,9 +3,9 @@ package chartmuseum import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/pkg/errors" ) diff --git a/controllers/goharbor/chartmuseum/services.go b/controllers/goharbor/chartmuseum/services.go index 73ba28963..174046e4a 100644 --- a/controllers/goharbor/chartmuseum/services.go +++ b/controllers/goharbor/chartmuseum/services.go @@ -3,8 +3,8 @@ package chartmuseum import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" diff --git a/controllers/goharbor/chartmuseum/suite_test.go b/controllers/goharbor/chartmuseum/suite_test.go index 3b0f615c1..81cdc42db 100644 --- a/controllers/goharbor/chartmuseum/suite_test.go +++ b/controllers/goharbor/chartmuseum/suite_test.go @@ -7,9 +7,9 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/controllers/goharbor/chartmuseum" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers" + "github.com/plotly/harbor-operator/controllers/goharbor/chartmuseum" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/controllers" ) var ( diff --git a/controllers/goharbor/chartmuseum_test.go b/controllers/goharbor/chartmuseum_test.go index c7303b3a7..249c4a317 100644 --- a/controllers/goharbor/chartmuseum_test.go +++ b/controllers/goharbor/chartmuseum_test.go @@ -5,9 +5,9 @@ import ( . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/controllers/goharbor/configuration/cm_reconciler.go b/controllers/goharbor/configuration/cm_reconciler.go index e084cf551..12019e7fa 100644 --- a/controllers/goharbor/configuration/cm_reconciler.go +++ b/controllers/goharbor/configuration/cm_reconciler.go @@ -5,10 +5,10 @@ import ( "fmt" "github.com/go-logr/logr" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/factories/application" - "github.com/goharbor/harbor-operator/pkg/utils/strings" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/factories/application" + "github.com/plotly/harbor-operator/pkg/utils/strings" "github.com/ovh/configstore" "gopkg.in/yaml.v2" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/configuration/reconciler.go b/controllers/goharbor/configuration/reconciler.go index 54acf10f6..68390301a 100644 --- a/controllers/goharbor/configuration/reconciler.go +++ b/controllers/goharbor/configuration/reconciler.go @@ -7,10 +7,10 @@ import ( "github.com/goharbor/go-client/pkg/harbor" "github.com/goharbor/go-client/pkg/sdk/v2.0/client/configure" "github.com/goharbor/go-client/pkg/sdk/v2.0/models" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/controllers" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/utils/strings" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/controllers" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/utils/strings" "github.com/ovh/configstore" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/controller_test.go b/controllers/goharbor/controller_test.go index df327db2e..94d83c02d 100644 --- a/controllers/goharbor/controller_test.go +++ b/controllers/goharbor/controller_test.go @@ -8,9 +8,9 @@ import ( . "github.com/onsi/gomega" . "github.com/onsi/gomega/gstruct" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/pkg/factories/logger" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/pkg/factories/logger" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -108,5 +108,5 @@ var _ = DescribeTable( Entry("JobService", newJobServiceController(), time.Minute, 5*time.Second), Entry("Exporter", newExporterController(), time.Minute, 5*time.Second), // Following tests require redis - Entry("Harbor", newHarborController(), 5*time.Minute, 10*time.Second), + //Entry("Harbor", newHarborController(), 5*time.Minute, 10*time.Second), ) diff --git a/controllers/goharbor/core/configs.go b/controllers/goharbor/core/configs.go index 5ec82a7d8..b21b3ee3a 100644 --- a/controllers/goharbor/core/configs.go +++ b/controllers/goharbor/core/configs.go @@ -5,9 +5,9 @@ import ( "crypto/sha256" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - conftemplate "github.com/goharbor/harbor-operator/pkg/config/template" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + conftemplate "github.com/plotly/harbor-operator/pkg/config/template" + "github.com/plotly/harbor-operator/pkg/resources/checksum" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/core/core.go b/controllers/goharbor/core/core.go index acdb72af0..e5f5934fa 100644 --- a/controllers/goharbor/core/core.go +++ b/controllers/goharbor/core/core.go @@ -4,11 +4,11 @@ import ( "context" "time" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/config/template" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/event-filter/class" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config/template" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/event-filter/class" "github.com/ovh/configstore" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" diff --git a/controllers/goharbor/core/core_test.go b/controllers/goharbor/core/core_test.go index 70a9996e7..36242f115 100644 --- a/controllers/goharbor/core/core_test.go +++ b/controllers/goharbor/core/core_test.go @@ -10,13 +10,13 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/certificate" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/pods" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/postgresql" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/redis" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/certificate" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/pods" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/postgresql" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/redis" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" diff --git a/controllers/goharbor/core/deployments.go b/controllers/goharbor/core/deployments.go index ec7788e6f..1948aafe2 100644 --- a/controllers/goharbor/core/deployments.go +++ b/controllers/goharbor/core/deployments.go @@ -9,13 +9,13 @@ import ( "strings" "time" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config/harbor" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/image" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config/harbor" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/image" + "github.com/plotly/harbor-operator/pkg/version" "github.com/goharbor/harbor/src/common" registry "github.com/goharbor/harbor/src/pkg/reg/model" "github.com/pkg/errors" diff --git a/controllers/goharbor/core/networkpolicies.go b/controllers/goharbor/core/networkpolicies.go index 96b9dd9c0..be3021805 100644 --- a/controllers/goharbor/core/networkpolicies.go +++ b/controllers/goharbor/core/networkpolicies.go @@ -3,9 +3,9 @@ package core import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/pkg/errors" netv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/core/resources.go b/controllers/goharbor/core/resources.go index 7b307b0c4..8b8bb05e3 100644 --- a/controllers/goharbor/core/resources.go +++ b/controllers/goharbor/core/resources.go @@ -3,9 +3,9 @@ package core import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/pkg/errors" ) diff --git a/controllers/goharbor/core/secrets.go b/controllers/goharbor/core/secrets.go index 1d106b9d5..42ee70071 100644 --- a/controllers/goharbor/core/secrets.go +++ b/controllers/goharbor/core/secrets.go @@ -5,8 +5,8 @@ import ( "fmt" "net/url" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/core/services.go b/controllers/goharbor/core/services.go index 1c9a25e85..a029582aa 100644 --- a/controllers/goharbor/core/services.go +++ b/controllers/goharbor/core/services.go @@ -3,8 +3,8 @@ package core import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" diff --git a/controllers/goharbor/core/suite_test.go b/controllers/goharbor/core/suite_test.go index 62393853f..4c0458c7f 100644 --- a/controllers/goharbor/core/suite_test.go +++ b/controllers/goharbor/core/suite_test.go @@ -20,9 +20,9 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/controllers/goharbor/core" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers" + "github.com/plotly/harbor-operator/controllers/goharbor/core" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/controllers" ) var ( diff --git a/controllers/goharbor/core_test.go b/controllers/goharbor/core_test.go index 8ae9c8ca9..51d1ee768 100644 --- a/controllers/goharbor/core_test.go +++ b/controllers/goharbor/core_test.go @@ -3,12 +3,12 @@ package goharbor_test import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/certificate" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/postgresql" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/redis" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/certificate" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/postgresql" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/redis" . "github.com/onsi/gomega" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/exporter/deployments.go b/controllers/goharbor/exporter/deployments.go index 485f5c9de..52d0ddc89 100644 --- a/controllers/goharbor/exporter/deployments.go +++ b/controllers/goharbor/exporter/deployments.go @@ -8,13 +8,13 @@ import ( "strconv" "strings" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/pkg/image" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/image" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/exporter/exporter.go b/controllers/goharbor/exporter/exporter.go index e8d1be474..2800825bc 100644 --- a/controllers/goharbor/exporter/exporter.go +++ b/controllers/goharbor/exporter/exporter.go @@ -3,10 +3,10 @@ package exporter import ( "context" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/event-filter/class" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/event-filter/class" "github.com/ovh/configstore" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" diff --git a/controllers/goharbor/exporter/networkpolicies.go b/controllers/goharbor/exporter/networkpolicies.go index b51fc9eff..2b828e571 100644 --- a/controllers/goharbor/exporter/networkpolicies.go +++ b/controllers/goharbor/exporter/networkpolicies.go @@ -3,9 +3,9 @@ package exporter import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/pkg/errors" netv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/exporter/resources.go b/controllers/goharbor/exporter/resources.go index c70ac8c7d..637ab1445 100644 --- a/controllers/goharbor/exporter/resources.go +++ b/controllers/goharbor/exporter/resources.go @@ -3,9 +3,9 @@ package exporter import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/pkg/errors" ) diff --git a/controllers/goharbor/exporter/services.go b/controllers/goharbor/exporter/services.go index 4b72f423d..4ff56ed55 100644 --- a/controllers/goharbor/exporter/services.go +++ b/controllers/goharbor/exporter/services.go @@ -3,8 +3,8 @@ package exporter import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" diff --git a/controllers/goharbor/exporter_test.go b/controllers/goharbor/exporter_test.go index c192bb7aa..2387362a7 100644 --- a/controllers/goharbor/exporter_test.go +++ b/controllers/goharbor/exporter_test.go @@ -4,10 +4,10 @@ import ( "context" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/redis" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/redis" . "github.com/onsi/gomega" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/controllers/goharbor/harbor/chartmuseum.go b/controllers/goharbor/harbor/chartmuseum.go index 646233f2a..7c0695d7f 100644 --- a/controllers/goharbor/harbor/chartmuseum.go +++ b/controllers/goharbor/harbor/chartmuseum.go @@ -4,11 +4,11 @@ import ( "context" "net/url" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/controllers/goharbor/harbor/core.go b/controllers/goharbor/harbor/core.go index 0b3685e18..9badfaf29 100644 --- a/controllers/goharbor/harbor/core.go +++ b/controllers/goharbor/harbor/core.go @@ -5,11 +5,11 @@ import ( "net/url" "time" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/version" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" "github.com/pkg/errors" "github.com/sethvargo/go-password/password" diff --git a/controllers/goharbor/harbor/exporter.go b/controllers/goharbor/harbor/exporter.go index 1afe47133..f4f894b50 100644 --- a/controllers/goharbor/harbor/exporter.go +++ b/controllers/goharbor/harbor/exporter.go @@ -3,11 +3,11 @@ package harbor import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/controllers/goharbor/harbor/github.go b/controllers/goharbor/harbor/github.go index db3c5ef8e..f25ae9d6f 100644 --- a/controllers/goharbor/harbor/github.go +++ b/controllers/goharbor/harbor/github.go @@ -1,7 +1,7 @@ package harbor import ( - "github.com/goharbor/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config" "github.com/ovh/configstore" ) diff --git a/controllers/goharbor/harbor/harbor.go b/controllers/goharbor/harbor/harbor.go index 90f55ab3a..82a221298 100644 --- a/controllers/goharbor/harbor/harbor.go +++ b/controllers/goharbor/harbor/harbor.go @@ -4,11 +4,11 @@ import ( "context" "net/url" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/event-filter/class" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/event-filter/class" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" "github.com/ovh/configstore" "github.com/pkg/errors" diff --git a/controllers/goharbor/harbor/harbor_suite_test.go b/controllers/goharbor/harbor/harbor_suite_test.go index e59482408..09d271f0c 100644 --- a/controllers/goharbor/harbor/harbor_suite_test.go +++ b/controllers/goharbor/harbor/harbor_suite_test.go @@ -6,10 +6,10 @@ import ( "strings" "testing" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/controllers/goharbor/harbor" - "github.com/goharbor/harbor-operator/pkg/config" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/controllers/goharbor/harbor" + "github.com/plotly/harbor-operator/pkg/config" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" "k8s.io/apimachinery/pkg/runtime" diff --git a/controllers/goharbor/harbor/harbor_test.go b/controllers/goharbor/harbor/harbor_test.go index 33d46c174..dd2250e47 100644 --- a/controllers/goharbor/harbor/harbor_test.go +++ b/controllers/goharbor/harbor/harbor_test.go @@ -5,10 +5,10 @@ import ( "os" "strings" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/controllers/goharbor/harbor" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/pkg/image" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/controllers/goharbor/harbor" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/pkg/image" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" "k8s.io/apimachinery/pkg/runtime" diff --git a/controllers/goharbor/harbor/ingresses.go b/controllers/goharbor/harbor/ingresses.go index 3ba922a61..55015cf74 100644 --- a/controllers/goharbor/harbor/ingresses.go +++ b/controllers/goharbor/harbor/ingresses.go @@ -4,10 +4,10 @@ import ( "context" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/pkg/errors" netv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/harbor/internaltls.go b/controllers/goharbor/harbor/internaltls.go index 3ccfac3b6..6a305e913 100644 --- a/controllers/goharbor/harbor/internaltls.go +++ b/controllers/goharbor/harbor/internaltls.go @@ -4,10 +4,10 @@ import ( "context" "time" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/graph" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" v1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1" "github.com/ovh/configstore" diff --git a/controllers/goharbor/harbor/jobservice.go b/controllers/goharbor/harbor/jobservice.go index 1e0a9f0b1..8a2850ab5 100644 --- a/controllers/goharbor/harbor/jobservice.go +++ b/controllers/goharbor/harbor/jobservice.go @@ -6,11 +6,11 @@ import ( "net/url" "time" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" "github.com/sethvargo/go-password/password" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/harbor/networkpolicies.go b/controllers/goharbor/harbor/networkpolicies.go index ab7a596e4..7e204ef8a 100644 --- a/controllers/goharbor/harbor/networkpolicies.go +++ b/controllers/goharbor/harbor/networkpolicies.go @@ -3,10 +3,10 @@ package harbor import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/pkg/errors" netv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/harbor/notary.go b/controllers/goharbor/harbor/notary.go index cb9807363..abe59da23 100644 --- a/controllers/goharbor/harbor/notary.go +++ b/controllers/goharbor/harbor/notary.go @@ -1,7 +1,7 @@ package harbor import ( - "github.com/goharbor/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config" "github.com/ovh/configstore" "github.com/pkg/errors" ) diff --git a/controllers/goharbor/harbor/notaryserver.go b/controllers/goharbor/harbor/notaryserver.go index ed0481169..0e10b12ef 100644 --- a/controllers/goharbor/harbor/notaryserver.go +++ b/controllers/goharbor/harbor/notaryserver.go @@ -5,13 +5,13 @@ import ( "net/url" "time" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/version" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" v1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1" "github.com/pkg/errors" diff --git a/controllers/goharbor/harbor/notarysigner.go b/controllers/goharbor/harbor/notarysigner.go index 21533603a..1b4882c18 100644 --- a/controllers/goharbor/harbor/notarysigner.go +++ b/controllers/goharbor/harbor/notarysigner.go @@ -5,12 +5,12 @@ import ( "strings" "time" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/version" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" v1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1" "github.com/pkg/errors" diff --git a/controllers/goharbor/harbor/portal.go b/controllers/goharbor/harbor/portal.go index 9a870c0c3..c073a73a2 100644 --- a/controllers/goharbor/harbor/portal.go +++ b/controllers/goharbor/harbor/portal.go @@ -3,10 +3,10 @@ package harbor import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/controllers/goharbor/harbor/registry.go b/controllers/goharbor/harbor/registry.go index ae9ef5218..ae54dd005 100644 --- a/controllers/goharbor/harbor/registry.go +++ b/controllers/goharbor/harbor/registry.go @@ -5,13 +5,13 @@ import ( "fmt" "time" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" "github.com/sethvargo/go-password/password" "golang.org/x/crypto/bcrypt" diff --git a/controllers/goharbor/harbor/registryctl.go b/controllers/goharbor/harbor/registryctl.go index 9dda281eb..818bc7056 100644 --- a/controllers/goharbor/harbor/registryctl.go +++ b/controllers/goharbor/harbor/registryctl.go @@ -3,11 +3,11 @@ package harbor import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/controllers/goharbor/harbor/resources.go b/controllers/goharbor/harbor/resources.go index 88d2cea62..18ec4757f 100644 --- a/controllers/goharbor/harbor/resources.go +++ b/controllers/goharbor/harbor/resources.go @@ -3,10 +3,10 @@ package harbor import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/controllers" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/controllers" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/pkg/errors" ) diff --git a/controllers/goharbor/harbor/storage.go b/controllers/goharbor/harbor/storage.go index ec804469e..89d2ee672 100644 --- a/controllers/goharbor/harbor/storage.go +++ b/controllers/goharbor/harbor/storage.go @@ -3,7 +3,7 @@ package harbor import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" corev1 "k8s.io/api/core/v1" ) diff --git a/controllers/goharbor/harbor/trivy.go b/controllers/goharbor/harbor/trivy.go index 7d8c07ff9..294e40a2a 100644 --- a/controllers/goharbor/harbor/trivy.go +++ b/controllers/goharbor/harbor/trivy.go @@ -3,13 +3,13 @@ package harbor import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/harbor/trivy_test.go b/controllers/goharbor/harbor/trivy_test.go index bf9b1f7a3..aa34065f5 100644 --- a/controllers/goharbor/harbor/trivy_test.go +++ b/controllers/goharbor/harbor/trivy_test.go @@ -4,11 +4,11 @@ import ( "context" "os" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/factories/owner" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/factories/owner" + "github.com/plotly/harbor-operator/pkg/graph" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" "github.com/ovh/configstore" diff --git a/controllers/goharbor/harbor_test.go b/controllers/goharbor/harbor_test.go index b226848a7..aadb9a8d9 100644 --- a/controllers/goharbor/harbor_test.go +++ b/controllers/goharbor/harbor_test.go @@ -4,12 +4,12 @@ import ( "context" "net/url" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/postgresql" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/redis" - "github.com/goharbor/harbor-operator/pkg/factories/logger" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/postgresql" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/redis" + "github.com/plotly/harbor-operator/pkg/factories/logger" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" . "github.com/onsi/ginkgo/v2" diff --git a/controllers/goharbor/harborcluster/ctrl_setup.go b/controllers/goharbor/harborcluster/ctrl_setup.go index 7055b2314..62583ba6d 100644 --- a/controllers/goharbor/harborcluster/ctrl_setup.go +++ b/controllers/goharbor/harborcluster/ctrl_setup.go @@ -3,19 +3,19 @@ package harborcluster import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/builder" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/cache" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/database" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/harbor" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/storage" - minio "github.com/goharbor/harbor-operator/pkg/cluster/controllers/storage/minio/apis/minio.min.io/v2" - "github.com/goharbor/harbor-operator/pkg/cluster/k8s" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" - "github.com/goharbor/harbor-operator/pkg/config" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/utils/strings" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/builder" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/cache" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/database" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/harbor" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/storage" + minio "github.com/plotly/harbor-operator/pkg/cluster/controllers/storage/minio/apis/minio.min.io/v2" + "github.com/plotly/harbor-operator/pkg/cluster/k8s" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" + "github.com/plotly/harbor-operator/pkg/config" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/utils/strings" "github.com/ovh/configstore" "github.com/pkg/errors" redisOp "github.com/spotahome/redis-operator/api/redisfailover/v1" diff --git a/controllers/goharbor/harborcluster/harborcluster.go b/controllers/goharbor/harborcluster/harborcluster.go index d35613186..5cbf4c8ed 100644 --- a/controllers/goharbor/harborcluster/harborcluster.go +++ b/controllers/goharbor/harborcluster/harborcluster.go @@ -5,9 +5,9 @@ import ( "fmt" "time" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/gos" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/gos" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" diff --git a/controllers/goharbor/harborcluster/service_mgr.go b/controllers/goharbor/harborcluster/service_mgr.go index 0ca9bea2d..4c03082db 100644 --- a/controllers/goharbor/harborcluster/service_mgr.go +++ b/controllers/goharbor/harborcluster/service_mgr.go @@ -18,9 +18,9 @@ import ( "context" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/harbor" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/harbor" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" "github.com/pkg/errors" v1 "k8s.io/api/core/v1" ) diff --git a/controllers/goharbor/harborcluster/status.go b/controllers/goharbor/harborcluster/status.go index e02adfb68..0d01b5078 100644 --- a/controllers/goharbor/harborcluster/status.go +++ b/controllers/goharbor/harborcluster/status.go @@ -20,8 +20,8 @@ import ( "time" "github.com/go-logr/logr" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" diff --git a/controllers/goharbor/harborserverconfiguration/harborserverconfiguration.go b/controllers/goharbor/harborserverconfiguration/harborserverconfiguration.go index fb08b8b78..b803240ea 100644 --- a/controllers/goharbor/harborserverconfiguration/harborserverconfiguration.go +++ b/controllers/goharbor/harborserverconfiguration/harborserverconfiguration.go @@ -5,11 +5,11 @@ import ( "fmt" "time" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/controllers" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - harborClient "github.com/goharbor/harbor-operator/pkg/rest" - v2 "github.com/goharbor/harbor-operator/pkg/rest/v2" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/controllers" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + harborClient "github.com/plotly/harbor-operator/pkg/rest" + v2 "github.com/plotly/harbor-operator/pkg/rest/v2" "github.com/ovh/configstore" "github.com/pkg/errors" apierr "k8s.io/apimachinery/pkg/api/errors" diff --git a/controllers/goharbor/harborserverconfiguration/resources.go b/controllers/goharbor/harborserverconfiguration/resources.go index d0e8ef33a..556ceeff5 100644 --- a/controllers/goharbor/harborserverconfiguration/resources.go +++ b/controllers/goharbor/harborserverconfiguration/resources.go @@ -3,8 +3,8 @@ package harborserverconfiguration import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/resources" ) func (r *Reconciler) NewEmpty(_ context.Context) resources.Resource { diff --git a/controllers/goharbor/internal/test/client.go b/controllers/goharbor/internal/test/client.go index ad76b948c..c91e3606e 100644 --- a/controllers/goharbor/internal/test/client.go +++ b/controllers/goharbor/internal/test/client.go @@ -4,7 +4,7 @@ import ( "context" "fmt" - "github.com/goharbor/harbor-operator/pkg/factories/application" + "github.com/plotly/harbor-operator/pkg/factories/application" "github.com/onsi/gomega" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime/serializer" diff --git a/controllers/goharbor/internal/test/context.go b/controllers/goharbor/internal/test/context.go index 178d5b39d..efed3dc4f 100644 --- a/controllers/goharbor/internal/test/context.go +++ b/controllers/goharbor/internal/test/context.go @@ -3,9 +3,9 @@ package test import ( "context" - "github.com/goharbor/harbor-operator/pkg/factories/application" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/pkg/scheme" + "github.com/plotly/harbor-operator/pkg/factories/application" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/scheme" "github.com/onsi/ginkgo/v2" "github.com/onsi/gomega" "k8s.io/apimachinery/pkg/runtime" diff --git a/controllers/goharbor/internal/test/controllers/controllers.go b/controllers/goharbor/internal/test/controllers/controllers.go index caafe7b90..3323c3037 100644 --- a/controllers/goharbor/internal/test/controllers/controllers.go +++ b/controllers/goharbor/internal/test/controllers/controllers.go @@ -4,19 +4,19 @@ import ( "context" "path" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/controllers/goharbor/chartmuseum" - "github.com/goharbor/harbor-operator/controllers/goharbor/core" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/jobservice" - "github.com/goharbor/harbor-operator/controllers/goharbor/notaryserver" - "github.com/goharbor/harbor-operator/controllers/goharbor/notarysigner" - "github.com/goharbor/harbor-operator/controllers/goharbor/portal" - "github.com/goharbor/harbor-operator/controllers/goharbor/registry" - "github.com/goharbor/harbor-operator/controllers/goharbor/trivy" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/setup" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/controllers/goharbor/chartmuseum" + "github.com/plotly/harbor-operator/controllers/goharbor/core" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/jobservice" + "github.com/plotly/harbor-operator/controllers/goharbor/notaryserver" + "github.com/plotly/harbor-operator/controllers/goharbor/notarysigner" + "github.com/plotly/harbor-operator/controllers/goharbor/portal" + "github.com/plotly/harbor-operator/controllers/goharbor/registry" + "github.com/plotly/harbor-operator/controllers/goharbor/trivy" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/setup" "github.com/onsi/gomega" "github.com/ovh/configstore" ) diff --git a/controllers/goharbor/internal/test/harbor-core/mock.go b/controllers/goharbor/internal/test/harbor-core/mock.go index b4aa749a1..84037deb0 100644 --- a/controllers/goharbor/internal/test/harbor-core/mock.go +++ b/controllers/goharbor/internal/test/harbor-core/mock.go @@ -7,14 +7,14 @@ import ( "net/url" "strconv" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/postgresql" "github.com/goharbor/harbor/src/common" "github.com/goharbor/harbor/src/lib/config/metadata" "github.com/goharbor/harbor/src/lib/config/models" "github.com/goharbor/harbor/src/pkg/config" "github.com/onsi/gomega" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/postgresql" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/internal/test/pods/logs.go b/controllers/goharbor/internal/test/pods/logs.go index 1b1ca67b8..f256b4a0b 100644 --- a/controllers/goharbor/internal/test/pods/logs.go +++ b/controllers/goharbor/internal/test/pods/logs.go @@ -4,7 +4,7 @@ import ( "context" "fmt" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" "github.com/onsi/ginkgo/v2" "github.com/onsi/gomega" appsv1 "k8s.io/api/apps/v1" diff --git a/controllers/goharbor/internal/test/pods/pods.go b/controllers/goharbor/internal/test/pods/pods.go index a7e213f46..7c0690561 100644 --- a/controllers/goharbor/internal/test/pods/pods.go +++ b/controllers/goharbor/internal/test/pods/pods.go @@ -5,8 +5,8 @@ import ( "fmt" "strings" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/pkg/resources/statuscheck" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/pkg/resources/statuscheck" "github.com/onsi/gomega" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/internal/test/port-forward/port-forward.go b/controllers/goharbor/internal/test/port-forward/port-forward.go index 065977357..d8d0561ed 100644 --- a/controllers/goharbor/internal/test/port-forward/port-forward.go +++ b/controllers/goharbor/internal/test/port-forward/port-forward.go @@ -10,8 +10,8 @@ import ( "time" "github.com/go-logr/logr" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/pods" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/pods" "github.com/onsi/ginkgo/v2" "github.com/onsi/gomega" "k8s.io/apimachinery/pkg/types" diff --git a/controllers/goharbor/internal/test/postgresql/postgres.go b/controllers/goharbor/internal/test/postgresql/postgres.go index 69fb3cb66..b63732bc5 100644 --- a/controllers/goharbor/internal/test/postgresql/postgres.go +++ b/controllers/goharbor/internal/test/postgresql/postgres.go @@ -4,8 +4,8 @@ import ( "context" "fmt" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" "github.com/onsi/gomega" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/internal/test/redis/redis.go b/controllers/goharbor/internal/test/redis/redis.go index 84effa737..160998ce6 100644 --- a/controllers/goharbor/internal/test/redis/redis.go +++ b/controllers/goharbor/internal/test/redis/redis.go @@ -3,8 +3,8 @@ package redis import ( "context" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" "github.com/onsi/gomega" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/internal/test/status.go b/controllers/goharbor/internal/test/status.go index 2259f2d6c..d9b07f8c0 100644 --- a/controllers/goharbor/internal/test/status.go +++ b/controllers/goharbor/internal/test/status.go @@ -5,7 +5,7 @@ import ( "fmt" "time" - "github.com/goharbor/harbor-operator/pkg/resources/statuscheck" + "github.com/plotly/harbor-operator/pkg/resources/statuscheck" "github.com/onsi/gomega" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" diff --git a/controllers/goharbor/internal/test/utils.go b/controllers/goharbor/internal/test/utils.go index bf5bd884d..f3fb3c0cf 100644 --- a/controllers/goharbor/internal/test/utils.go +++ b/controllers/goharbor/internal/test/utils.go @@ -3,7 +3,7 @@ package test import ( "context" - "github.com/goharbor/harbor-operator/pkg/version" + "github.com/plotly/harbor-operator/pkg/version" "github.com/onsi/gomega" apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" diff --git a/controllers/goharbor/jobservice/configs.go b/controllers/goharbor/jobservice/configs.go index 9d3b1e8c4..2eefd9a50 100644 --- a/controllers/goharbor/jobservice/configs.go +++ b/controllers/goharbor/jobservice/configs.go @@ -5,9 +5,9 @@ import ( "crypto/sha256" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - conftemplate "github.com/goharbor/harbor-operator/pkg/config/template" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + conftemplate "github.com/plotly/harbor-operator/pkg/config/template" + "github.com/plotly/harbor-operator/pkg/resources/checksum" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/jobservice/deployments.go b/controllers/goharbor/jobservice/deployments.go index f607be470..a048ef409 100644 --- a/controllers/goharbor/jobservice/deployments.go +++ b/controllers/goharbor/jobservice/deployments.go @@ -6,12 +6,12 @@ import ( "path" "strconv" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config/harbor" - "github.com/goharbor/harbor-operator/pkg/image" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config/harbor" + "github.com/plotly/harbor-operator/pkg/image" + "github.com/plotly/harbor-operator/pkg/version" "github.com/goharbor/harbor/src/common" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" diff --git a/controllers/goharbor/jobservice/jobservice.go b/controllers/goharbor/jobservice/jobservice.go index 0977686bf..1dea18f38 100644 --- a/controllers/goharbor/jobservice/jobservice.go +++ b/controllers/goharbor/jobservice/jobservice.go @@ -4,11 +4,11 @@ import ( "context" "time" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/config/template" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/event-filter/class" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config/template" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/event-filter/class" "github.com/ovh/configstore" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" diff --git a/controllers/goharbor/jobservice/jobservice_test.go b/controllers/goharbor/jobservice/jobservice_test.go index 2b692968a..64c2c32a2 100644 --- a/controllers/goharbor/jobservice/jobservice_test.go +++ b/controllers/goharbor/jobservice/jobservice_test.go @@ -10,12 +10,12 @@ import ( . "github.com/onsi/gomega" . "github.com/onsi/gomega/gstruct" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - harborcore "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/harbor-core" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/pods" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/redis" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + harborcore "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/harbor-core" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/pods" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/redis" "github.com/goharbor/harbor/src/common" "github.com/goharbor/harbor/src/pkg/config/inmemory" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/jobservice/networkpolicies.go b/controllers/goharbor/jobservice/networkpolicies.go index 46c45ea12..2761a3f66 100644 --- a/controllers/goharbor/jobservice/networkpolicies.go +++ b/controllers/goharbor/jobservice/networkpolicies.go @@ -3,8 +3,8 @@ package jobservice import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/pkg/errors" netv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/jobservice/resources.go b/controllers/goharbor/jobservice/resources.go index e3d3d5760..66e912a60 100644 --- a/controllers/goharbor/jobservice/resources.go +++ b/controllers/goharbor/jobservice/resources.go @@ -3,9 +3,9 @@ package jobservice import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/pkg/errors" ) diff --git a/controllers/goharbor/jobservice/secrets.go b/controllers/goharbor/jobservice/secrets.go index 2f626b8ce..7b2432e2a 100644 --- a/controllers/goharbor/jobservice/secrets.go +++ b/controllers/goharbor/jobservice/secrets.go @@ -3,7 +3,7 @@ package jobservice import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" "github.com/sethvargo/go-password/password" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/jobservice/services.go b/controllers/goharbor/jobservice/services.go index bb1f82431..36b735c68 100644 --- a/controllers/goharbor/jobservice/services.go +++ b/controllers/goharbor/jobservice/services.go @@ -3,8 +3,8 @@ package jobservice import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" diff --git a/controllers/goharbor/jobservice/suite_test.go b/controllers/goharbor/jobservice/suite_test.go index 8573dc595..c650d5af2 100644 --- a/controllers/goharbor/jobservice/suite_test.go +++ b/controllers/goharbor/jobservice/suite_test.go @@ -7,9 +7,9 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers" - "github.com/goharbor/harbor-operator/controllers/goharbor/jobservice" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/controllers" + "github.com/plotly/harbor-operator/controllers/goharbor/jobservice" ) var ( diff --git a/controllers/goharbor/jobservice_test.go b/controllers/goharbor/jobservice_test.go index 6e6929487..27d825877 100644 --- a/controllers/goharbor/jobservice_test.go +++ b/controllers/goharbor/jobservice_test.go @@ -6,10 +6,10 @@ import ( . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/redis" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/redis" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/controllers/goharbor/namespace/namespace.go b/controllers/goharbor/namespace/namespace.go index 2079a7159..f284cb2b0 100644 --- a/controllers/goharbor/namespace/namespace.go +++ b/controllers/goharbor/namespace/namespace.go @@ -7,13 +7,13 @@ import ( "github.com/go-logr/logr" v2models "github.com/goharbor/go-client/pkg/sdk/v2.0/models" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/controllers" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - harborClient "github.com/goharbor/harbor-operator/pkg/rest" - v2 "github.com/goharbor/harbor-operator/pkg/rest/v2" - "github.com/goharbor/harbor-operator/pkg/utils/consts" - "github.com/goharbor/harbor-operator/pkg/utils/strings" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/controllers" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + harborClient "github.com/plotly/harbor-operator/pkg/rest" + v2 "github.com/plotly/harbor-operator/pkg/rest/v2" + "github.com/plotly/harbor-operator/pkg/utils/consts" + "github.com/plotly/harbor-operator/pkg/utils/strings" "github.com/ovh/configstore" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/namespace/resources.go b/controllers/goharbor/namespace/resources.go index b9130b7ca..db8e47c4f 100644 --- a/controllers/goharbor/namespace/resources.go +++ b/controllers/goharbor/namespace/resources.go @@ -3,7 +3,7 @@ package namespace import ( "context" - "github.com/goharbor/harbor-operator/pkg/resources" + "github.com/plotly/harbor-operator/pkg/resources" corev1 "k8s.io/api/core/v1" ) diff --git a/controllers/goharbor/notaryserver/configs.go b/controllers/goharbor/notaryserver/configs.go index 02c43b3dc..3f5bda351 100644 --- a/controllers/goharbor/notaryserver/configs.go +++ b/controllers/goharbor/notaryserver/configs.go @@ -5,9 +5,9 @@ import ( "crypto/sha256" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - conftemplate "github.com/goharbor/harbor-operator/pkg/config/template" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + conftemplate "github.com/plotly/harbor-operator/pkg/config/template" + "github.com/plotly/harbor-operator/pkg/resources/checksum" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/notaryserver/deployments.go b/controllers/goharbor/notaryserver/deployments.go index 6395f70a9..adbaa46d6 100644 --- a/controllers/goharbor/notaryserver/deployments.go +++ b/controllers/goharbor/notaryserver/deployments.go @@ -4,11 +4,11 @@ import ( "context" "path" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/image" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/image" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/notaryserver/networkpolicies.go b/controllers/goharbor/notaryserver/networkpolicies.go index 04c80ba71..4ced82d0c 100644 --- a/controllers/goharbor/notaryserver/networkpolicies.go +++ b/controllers/goharbor/notaryserver/networkpolicies.go @@ -3,9 +3,9 @@ package notaryserver import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/pkg/errors" netv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/notaryserver/notaryserver.go b/controllers/goharbor/notaryserver/notaryserver.go index 5c5f16b85..25f7a91e4 100644 --- a/controllers/goharbor/notaryserver/notaryserver.go +++ b/controllers/goharbor/notaryserver/notaryserver.go @@ -4,11 +4,11 @@ import ( "context" "time" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/config/template" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/event-filter/class" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config/template" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/event-filter/class" "github.com/ovh/configstore" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" diff --git a/controllers/goharbor/notaryserver/notaryserver_test.go b/controllers/goharbor/notaryserver/notaryserver_test.go index 86f6197a8..51aa70777 100644 --- a/controllers/goharbor/notaryserver/notaryserver_test.go +++ b/controllers/goharbor/notaryserver/notaryserver_test.go @@ -8,11 +8,11 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/pods" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/postgresql" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/pods" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/postgresql" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/rest" diff --git a/controllers/goharbor/notaryserver/resources.go b/controllers/goharbor/notaryserver/resources.go index a833bf3db..e9bac4ef4 100644 --- a/controllers/goharbor/notaryserver/resources.go +++ b/controllers/goharbor/notaryserver/resources.go @@ -3,11 +3,11 @@ package notaryserver import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/notaryserver/services.go b/controllers/goharbor/notaryserver/services.go index 0230b1059..3d728c949 100644 --- a/controllers/goharbor/notaryserver/services.go +++ b/controllers/goharbor/notaryserver/services.go @@ -3,8 +3,8 @@ package notaryserver import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" diff --git a/controllers/goharbor/notaryserver/suite_test.go b/controllers/goharbor/notaryserver/suite_test.go index 64f6a3bd1..ea297aedf 100644 --- a/controllers/goharbor/notaryserver/suite_test.go +++ b/controllers/goharbor/notaryserver/suite_test.go @@ -7,9 +7,9 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers" - "github.com/goharbor/harbor-operator/controllers/goharbor/notaryserver" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/controllers" + "github.com/plotly/harbor-operator/controllers/goharbor/notaryserver" ) var ( diff --git a/controllers/goharbor/notaryserver_test.go b/controllers/goharbor/notaryserver_test.go index e38d50744..d06356583 100644 --- a/controllers/goharbor/notaryserver_test.go +++ b/controllers/goharbor/notaryserver_test.go @@ -5,10 +5,10 @@ import ( . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/postgresql" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/postgresql" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/controllers/goharbor/notarysigner/configs.go b/controllers/goharbor/notarysigner/configs.go index ff135cdb6..fa9dc7839 100644 --- a/controllers/goharbor/notarysigner/configs.go +++ b/controllers/goharbor/notarysigner/configs.go @@ -5,9 +5,9 @@ import ( "crypto/sha256" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - conftemplate "github.com/goharbor/harbor-operator/pkg/config/template" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + conftemplate "github.com/plotly/harbor-operator/pkg/config/template" + "github.com/plotly/harbor-operator/pkg/resources/checksum" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/notarysigner/deployments.go b/controllers/goharbor/notarysigner/deployments.go index 1e800d5ad..e94dfceba 100644 --- a/controllers/goharbor/notarysigner/deployments.go +++ b/controllers/goharbor/notarysigner/deployments.go @@ -4,11 +4,11 @@ import ( "context" "path" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/image" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/image" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/notarysigner/notarysigner.go b/controllers/goharbor/notarysigner/notarysigner.go index b9fca59e5..dde2fcbd1 100644 --- a/controllers/goharbor/notarysigner/notarysigner.go +++ b/controllers/goharbor/notarysigner/notarysigner.go @@ -4,11 +4,11 @@ import ( "context" "time" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/config/template" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/event-filter/class" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config/template" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/event-filter/class" "github.com/ovh/configstore" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" diff --git a/controllers/goharbor/notarysigner/notarysigner_test.go b/controllers/goharbor/notarysigner/notarysigner_test.go index 52574e473..c9f63b038 100644 --- a/controllers/goharbor/notarysigner/notarysigner_test.go +++ b/controllers/goharbor/notarysigner/notarysigner_test.go @@ -10,13 +10,13 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/certificate" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/pods" - portforward "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/port-forward" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/postgresql" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/certificate" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/pods" + portforward "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/port-forward" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/postgresql" "github.com/theupdateframework/notary" notary_client "github.com/theupdateframework/notary/signer/client" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/notarysigner/resources.go b/controllers/goharbor/notarysigner/resources.go index a509c7753..6adff89fe 100644 --- a/controllers/goharbor/notarysigner/resources.go +++ b/controllers/goharbor/notarysigner/resources.go @@ -3,11 +3,11 @@ package notarysigner import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/notarysigner/services.go b/controllers/goharbor/notarysigner/services.go index 2184aca1d..8f1c78211 100644 --- a/controllers/goharbor/notarysigner/services.go +++ b/controllers/goharbor/notarysigner/services.go @@ -3,8 +3,8 @@ package notarysigner import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" diff --git a/controllers/goharbor/notarysigner/suite_test.go b/controllers/goharbor/notarysigner/suite_test.go index 0dd16bf5c..158cbbf84 100644 --- a/controllers/goharbor/notarysigner/suite_test.go +++ b/controllers/goharbor/notarysigner/suite_test.go @@ -7,9 +7,9 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers" - "github.com/goharbor/harbor-operator/controllers/goharbor/notarysigner" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/controllers" + "github.com/plotly/harbor-operator/controllers/goharbor/notarysigner" ) var ( diff --git a/controllers/goharbor/notarysigner_test.go b/controllers/goharbor/notarysigner_test.go index 4f71a97dd..18c8ab1bf 100644 --- a/controllers/goharbor/notarysigner_test.go +++ b/controllers/goharbor/notarysigner_test.go @@ -5,11 +5,11 @@ import ( . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/certificate" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/postgresql" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/certificate" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/postgresql" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/controllers/goharbor/portal/configs.go b/controllers/goharbor/portal/configs.go index c74da18df..5ed376793 100644 --- a/controllers/goharbor/portal/configs.go +++ b/controllers/goharbor/portal/configs.go @@ -5,9 +5,9 @@ import ( "crypto/sha256" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - conftemplate "github.com/goharbor/harbor-operator/pkg/config/template" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + conftemplate "github.com/plotly/harbor-operator/pkg/config/template" + "github.com/plotly/harbor-operator/pkg/resources/checksum" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/portal/deployments.go b/controllers/goharbor/portal/deployments.go index d3ae4487e..4d3106f2d 100644 --- a/controllers/goharbor/portal/deployments.go +++ b/controllers/goharbor/portal/deployments.go @@ -4,11 +4,11 @@ import ( "context" "path" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/image" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/image" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/portal/networkpolicies.go b/controllers/goharbor/portal/networkpolicies.go index 43a9dac15..1efafa9d7 100644 --- a/controllers/goharbor/portal/networkpolicies.go +++ b/controllers/goharbor/portal/networkpolicies.go @@ -3,9 +3,9 @@ package portal import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/pkg/errors" netv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/portal/portal.go b/controllers/goharbor/portal/portal.go index ac9fd9caf..1aac245e1 100644 --- a/controllers/goharbor/portal/portal.go +++ b/controllers/goharbor/portal/portal.go @@ -3,11 +3,11 @@ package portal import ( "context" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/config/template" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/event-filter/class" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config/template" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/event-filter/class" "github.com/ovh/configstore" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" diff --git a/controllers/goharbor/portal/portal_test.go b/controllers/goharbor/portal/portal_test.go index 2c6332556..b5ebcca50 100644 --- a/controllers/goharbor/portal/portal_test.go +++ b/controllers/goharbor/portal/portal_test.go @@ -8,10 +8,10 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/pods" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/pods" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/rest" diff --git a/controllers/goharbor/portal/resources.go b/controllers/goharbor/portal/resources.go index 133a6ad0e..3e95b8570 100644 --- a/controllers/goharbor/portal/resources.go +++ b/controllers/goharbor/portal/resources.go @@ -3,9 +3,9 @@ package portal import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/pkg/errors" ) diff --git a/controllers/goharbor/portal/services.go b/controllers/goharbor/portal/services.go index 7be62202d..62af4a5b5 100644 --- a/controllers/goharbor/portal/services.go +++ b/controllers/goharbor/portal/services.go @@ -3,8 +3,8 @@ package portal import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" diff --git a/controllers/goharbor/portal/suite_test.go b/controllers/goharbor/portal/suite_test.go index b6e1d96a2..ff92d5b8b 100644 --- a/controllers/goharbor/portal/suite_test.go +++ b/controllers/goharbor/portal/suite_test.go @@ -7,9 +7,9 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers" - "github.com/goharbor/harbor-operator/controllers/goharbor/portal" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/controllers" + "github.com/plotly/harbor-operator/controllers/goharbor/portal" ) var ( diff --git a/controllers/goharbor/portal_test.go b/controllers/goharbor/portal_test.go index d36d04fea..98518a96f 100644 --- a/controllers/goharbor/portal_test.go +++ b/controllers/goharbor/portal_test.go @@ -5,9 +5,9 @@ import ( . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/controllers/goharbor/pullsecretbinding/pullsecretbinding.go b/controllers/goharbor/pullsecretbinding/pullsecretbinding.go index 11ea78df4..9800419ca 100644 --- a/controllers/goharbor/pullsecretbinding/pullsecretbinding.go +++ b/controllers/goharbor/pullsecretbinding/pullsecretbinding.go @@ -7,14 +7,14 @@ import ( "time" "github.com/goharbor/go-client/pkg/sdk/v2.0/models" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/controllers" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/registry/secret" - "github.com/goharbor/harbor-operator/pkg/rest/model" - v2 "github.com/goharbor/harbor-operator/pkg/rest/v2" - "github.com/goharbor/harbor-operator/pkg/utils/consts" - "github.com/goharbor/harbor-operator/pkg/utils/strings" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/controllers" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/registry/secret" + "github.com/plotly/harbor-operator/pkg/rest/model" + v2 "github.com/plotly/harbor-operator/pkg/rest/v2" + "github.com/plotly/harbor-operator/pkg/utils/consts" + "github.com/plotly/harbor-operator/pkg/utils/strings" "github.com/ovh/configstore" corev1 "k8s.io/api/core/v1" apierr "k8s.io/apimachinery/pkg/api/errors" diff --git a/controllers/goharbor/pullsecretbinding/resources.go b/controllers/goharbor/pullsecretbinding/resources.go index e7d3cde0f..3a701cc9e 100644 --- a/controllers/goharbor/pullsecretbinding/resources.go +++ b/controllers/goharbor/pullsecretbinding/resources.go @@ -3,8 +3,8 @@ package pullsecretbinding import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/resources" ) func (r *Reconciler) NewEmpty(_ context.Context) resources.Resource { diff --git a/controllers/goharbor/registry/configs.go b/controllers/goharbor/registry/configs.go index ec0d21b07..d5a8d0d12 100644 --- a/controllers/goharbor/registry/configs.go +++ b/controllers/goharbor/registry/configs.go @@ -5,10 +5,10 @@ import ( "crypto/sha256" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - conftemplate "github.com/goharbor/harbor-operator/pkg/config/template" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" - "github.com/goharbor/harbor-operator/pkg/utils/strings" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + conftemplate "github.com/plotly/harbor-operator/pkg/config/template" + "github.com/plotly/harbor-operator/pkg/resources/checksum" + "github.com/plotly/harbor-operator/pkg/utils/strings" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/registry/deployments.go b/controllers/goharbor/registry/deployments.go index f569eaeec..a9c150b72 100644 --- a/controllers/goharbor/registry/deployments.go +++ b/controllers/goharbor/registry/deployments.go @@ -5,13 +5,13 @@ import ( "path" "strings" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/image" - utilStrings "github.com/goharbor/harbor-operator/pkg/utils/strings" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/image" + utilStrings "github.com/plotly/harbor-operator/pkg/utils/strings" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/registry/networkpolicies.go b/controllers/goharbor/registry/networkpolicies.go index bb0787df9..115320743 100644 --- a/controllers/goharbor/registry/networkpolicies.go +++ b/controllers/goharbor/registry/networkpolicies.go @@ -3,9 +3,9 @@ package registry import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/pkg/errors" netv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/registry/registry.go b/controllers/goharbor/registry/registry.go index b792d6aa0..1d919f735 100644 --- a/controllers/goharbor/registry/registry.go +++ b/controllers/goharbor/registry/registry.go @@ -4,11 +4,11 @@ import ( "context" "time" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/config/template" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/event-filter/class" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config/template" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/event-filter/class" "github.com/ovh/configstore" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" diff --git a/controllers/goharbor/registry/registry_test.go b/controllers/goharbor/registry/registry_test.go index b5e0a8aa4..533b00826 100644 --- a/controllers/goharbor/registry/registry_test.go +++ b/controllers/goharbor/registry/registry_test.go @@ -8,10 +8,10 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/pods" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/pods" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/rest" diff --git a/controllers/goharbor/registry/registryctl.go b/controllers/goharbor/registry/registryctl.go index 992a0f3f9..5da6d5ea3 100644 --- a/controllers/goharbor/registry/registryctl.go +++ b/controllers/goharbor/registry/registryctl.go @@ -4,8 +4,8 @@ import ( "context" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/utils/strings" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/utils/strings" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" netv1 "k8s.io/api/networking/v1" diff --git a/controllers/goharbor/registry/resources.go b/controllers/goharbor/registry/resources.go index 2c3c56825..07c7f0124 100644 --- a/controllers/goharbor/registry/resources.go +++ b/controllers/goharbor/registry/resources.go @@ -3,11 +3,11 @@ package registry import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/registry/services.go b/controllers/goharbor/registry/services.go index 64371387f..483ef69d0 100644 --- a/controllers/goharbor/registry/services.go +++ b/controllers/goharbor/registry/services.go @@ -3,9 +3,9 @@ package registry import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/utils/strings" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/utils/strings" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" diff --git a/controllers/goharbor/registry/suite_test.go b/controllers/goharbor/registry/suite_test.go index 702623a6c..c0b0291cf 100644 --- a/controllers/goharbor/registry/suite_test.go +++ b/controllers/goharbor/registry/suite_test.go @@ -7,9 +7,9 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers" - "github.com/goharbor/harbor-operator/controllers/goharbor/registry" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/controllers" + "github.com/plotly/harbor-operator/controllers/goharbor/registry" ) var ( diff --git a/controllers/goharbor/registry/template.go b/controllers/goharbor/registry/template.go index 7073d8f34..714b37d50 100644 --- a/controllers/goharbor/registry/template.go +++ b/controllers/goharbor/registry/template.go @@ -4,7 +4,7 @@ import ( "context" "text/template" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" "golang.org/x/sync/errgroup" diff --git a/controllers/goharbor/registry_test.go b/controllers/goharbor/registry_test.go index e41992ca5..fdf7071b3 100644 --- a/controllers/goharbor/registry_test.go +++ b/controllers/goharbor/registry_test.go @@ -5,9 +5,9 @@ import ( . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/controllers/goharbor/suite_test.go b/controllers/goharbor/suite_test.go index 8483a1fa6..4cb49258a 100644 --- a/controllers/goharbor/suite_test.go +++ b/controllers/goharbor/suite_test.go @@ -22,12 +22,12 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/factories/application" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/pkg/scheme" - "github.com/goharbor/harbor-operator/pkg/setup" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/factories/application" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/scheme" + "github.com/plotly/harbor-operator/pkg/setup" "github.com/ovh/configstore" core "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/trivy/configs.go b/controllers/goharbor/trivy/configs.go index 88f810877..a6e1df4a5 100644 --- a/controllers/goharbor/trivy/configs.go +++ b/controllers/goharbor/trivy/configs.go @@ -4,8 +4,8 @@ import ( "context" "strconv" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/trivy/deployments.go b/controllers/goharbor/trivy/deployments.go index ead609288..6afacffb5 100644 --- a/controllers/goharbor/trivy/deployments.go +++ b/controllers/goharbor/trivy/deployments.go @@ -6,11 +6,11 @@ import ( "path" "strings" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/image" - "github.com/goharbor/harbor-operator/pkg/version" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/image" + "github.com/plotly/harbor-operator/pkg/version" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/controllers/goharbor/trivy/networkpolicies.go b/controllers/goharbor/trivy/networkpolicies.go index 7c9a02a09..9cf9e3dc3 100644 --- a/controllers/goharbor/trivy/networkpolicies.go +++ b/controllers/goharbor/trivy/networkpolicies.go @@ -3,9 +3,9 @@ package trivy import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/pkg/errors" netv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/trivy/resources.go b/controllers/goharbor/trivy/resources.go index fec82497e..2fb5c4b19 100644 --- a/controllers/goharbor/trivy/resources.go +++ b/controllers/goharbor/trivy/resources.go @@ -3,11 +3,11 @@ package trivy import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/trivy/secrets.go b/controllers/goharbor/trivy/secrets.go index 3113f240c..ba8e36caf 100644 --- a/controllers/goharbor/trivy/secrets.go +++ b/controllers/goharbor/trivy/secrets.go @@ -3,9 +3,9 @@ package trivy import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/graph" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/trivy/services.go b/controllers/goharbor/trivy/services.go index b9a295d04..744a529be 100644 --- a/controllers/goharbor/trivy/services.go +++ b/controllers/goharbor/trivy/services.go @@ -3,8 +3,8 @@ package trivy import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/goharbor/trivy/suite_test.go b/controllers/goharbor/trivy/suite_test.go index 6f8956a26..45fd9c349 100644 --- a/controllers/goharbor/trivy/suite_test.go +++ b/controllers/goharbor/trivy/suite_test.go @@ -7,9 +7,9 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/controllers" - "github.com/goharbor/harbor-operator/controllers/goharbor/trivy" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/controllers" + "github.com/plotly/harbor-operator/controllers/goharbor/trivy" ) var ( diff --git a/controllers/goharbor/trivy/trivy.go b/controllers/goharbor/trivy/trivy.go index 4ec31d624..9a7eeeeb6 100644 --- a/controllers/goharbor/trivy/trivy.go +++ b/controllers/goharbor/trivy/trivy.go @@ -4,10 +4,10 @@ import ( "context" "time" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/event-filter/class" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/event-filter/class" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" "github.com/ovh/configstore" "github.com/pkg/errors" diff --git a/controllers/goharbor/trivy/trivy_test.go b/controllers/goharbor/trivy/trivy_test.go index 449146b0c..3af40e62e 100644 --- a/controllers/goharbor/trivy/trivy_test.go +++ b/controllers/goharbor/trivy/trivy_test.go @@ -8,11 +8,11 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/pods" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/redis" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/pods" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/redis" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/rest" diff --git a/controllers/goharbor/trivy_test.go b/controllers/goharbor/trivy_test.go index 6ed1d127f..6a9606a26 100644 --- a/controllers/goharbor/trivy_test.go +++ b/controllers/goharbor/trivy_test.go @@ -4,12 +4,12 @@ import ( "context" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/certificate" - "github.com/goharbor/harbor-operator/controllers/goharbor/internal/test/redis" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/certificate" + "github.com/plotly/harbor-operator/controllers/goharbor/internal/test/redis" . "github.com/onsi/gomega" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/go.mod b/go.mod index 318f16578..01541905d 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/goharbor/harbor-operator +module github.com/plotly/harbor-operator go 1.18 @@ -33,8 +33,8 @@ require ( github.com/umisama/go-regexpcache v0.0.0-20150417035358-2444a542492f github.com/zalando/postgres-operator v1.6.1 go.uber.org/zap v1.24.0 - golang.org/x/crypto v0.1.0 - golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 + golang.org/x/crypto v0.14.0 + golang.org/x/sync v0.3.0 gopkg.in/yaml.v2 v2.4.0 k8s.io/api v0.26.1 k8s.io/apiextensions-apiserver v0.26.1 @@ -50,12 +50,12 @@ require ( github.com/Masterminds/goutils v1.1.1 // indirect github.com/agl/ed25519 v0.0.0-20170116200512-5312a6153412 // indirect github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect - github.com/beego/beego v1.12.9 // indirect + github.com/beego/beego v1.12.12 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/cenkalti/backoff/v4 v4.2.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/docker/distribution v2.8.2+incompatible // indirect + github.com/docker/distribution v2.8.2-beta.1+incompatible // indirect github.com/docker/go v0.0.0-20160303222718-d30aec9fd63c // indirect github.com/emicklei/go-restful/v3 v3.9.0 // indirect github.com/evanphx/json-patch/v5 v5.6.0 // indirect @@ -78,7 +78,7 @@ require ( github.com/gobuffalo/here v0.6.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.2 // indirect + github.com/golang/protobuf v1.5.3 // indirect github.com/google/gnostic v0.5.7-v3refs // indirect github.com/google/go-cmp v0.5.9 // indirect github.com/google/gofuzz v1.2.0 // indirect @@ -132,17 +132,19 @@ require ( go.opentelemetry.io/proto/otlp v0.19.0 // indirect go.uber.org/atomic v1.7.0 // indirect go.uber.org/multierr v1.6.0 // indirect - golang.org/x/net v0.8.0 // indirect - golang.org/x/oauth2 v0.4.0 // indirect - golang.org/x/sys v0.7.0 // indirect - golang.org/x/term v0.6.0 // indirect - golang.org/x/text v0.8.0 // indirect + golang.org/x/net v0.17.0 // indirect + golang.org/x/oauth2 v0.10.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/term v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect golang.org/x/time v0.3.0 // indirect gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect - google.golang.org/grpc v1.54.0 // indirect - google.golang.org/protobuf v1.30.0 // indirect + google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98 // indirect + google.golang.org/grpc v1.58.3 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.62.0 // indirect diff --git a/go.sum b/go.sum index 5159f46ae..42d2f4f40 100644 --- a/go.sum +++ b/go.sum @@ -145,8 +145,8 @@ github.com/aws/aws-sdk-go v1.34.28/go.mod h1:H7NKnBqNVzoTJpGfLrQkkD+ytBA93eiDYi/ github.com/aws/aws-sdk-go v1.34.30/go.mod h1:H7NKnBqNVzoTJpGfLrQkkD+ytBA93eiDYi/+8rV9s48= github.com/aws/aws-sdk-go v1.36.29/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g= -github.com/beego/beego v1.12.9 h1:knN+7lL7BSVFm6McUVu58QVrh2UUPn0C9ioq83W5seo= -github.com/beego/beego v1.12.9/go.mod h1:QURFL1HldOcCZAxnc1cZ7wrplsYR5dKPHFjmk6WkLAs= +github.com/beego/beego v1.12.12 h1:ARY1sNVSS23N0mEQIhSqRDTyyDlx95JY0V3GogBbZbQ= +github.com/beego/beego v1.12.12/go.mod h1:QURFL1HldOcCZAxnc1cZ7wrplsYR5dKPHFjmk6WkLAs= github.com/beego/goyaml2 v0.0.0-20130207012346-5545475820dd/go.mod h1:1b+Y/CofkYwXMUU0OhQqGvsY2Bvgr4j6jfT699wyZKQ= github.com/beego/x2j v0.0.0-20131220205130-a0352aadc542/go.mod h1:kSeGC/p1AbBiEp5kat81+DSQrZenVBZXklMLaELspWU= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= @@ -347,8 +347,8 @@ github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyG github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8= -github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/distribution v2.8.2-beta.1+incompatible h1:gILO60VLD2v28ozemv4aAwDb8ds5U2O/vD/sBXbd7Rw= +github.com/docker/distribution v2.8.2-beta.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v20.10.8+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.6.4/go.mod h1:ofX3UI0Gz1TteYBjtgs07O36Pyasyp66D2uKT7H8W1c= @@ -604,13 +604,13 @@ github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXP github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/goharbor/go-client v0.26.2 h1:pu79j/vmrsR7HF5YztHJqUU/Ki2VLJo+c4pMUvdjJmg= -github.com/goharbor/go-client v0.26.2/go.mod h1:XMWHucuHU9VTRx6U6wYwbRuyCVhE6ffJGRjaeo0nvwo= +github.com/goharbor/go-client v0.25.0 h1:VDfikJyEe6ejnm4VurAaVi+tDLC2yWhuzMQJkOhUiVo= +github.com/goharbor/go-client v0.25.0/go.mod h1:XMWHucuHU9VTRx6U6wYwbRuyCVhE6ffJGRjaeo0nvwo= github.com/goharbor/harbor/src v0.0.0-20220526154154-b0506782b47d h1:MOwBwJi3VIoPls3O8jZrLHRbgw6l3rhIQQmZVAPL/t0= github.com/goharbor/harbor/src v0.0.0-20220526154154-b0506782b47d/go.mod h1:ud/eT8hR+/hRtF/35KTuXSJFT/CMmaF/W30u03AgSqI= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/glog v1.0.0 h1:nfP3RFugxnNRyKgeWd4oI1nYvXpxrx8ck8ZrcizshdQ= github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4= +github.com/golang/glog v1.1.0 h1:/d3pCKDPWNnvIWe0vVUpNP32qc8U3PDVxySP/y360qE= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20180513044358-24b0969c4cb7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -643,8 +643,9 @@ github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QD github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/snappy v0.0.0-20170215233205-553a64147049/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= @@ -1412,8 +1413,8 @@ golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWP golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU= -golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= +golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1506,8 +1507,8 @@ golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1 golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ= -golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1516,8 +1517,8 @@ golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4Iltr golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= -golang.org/x/oauth2 v0.4.0 h1:NF0gk8LVPg1Ml7SSbGyySuoxdsXitj7TvgvuRxIMc/M= -golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec= +golang.org/x/oauth2 v0.10.0 h1:zHCpF2Khkwy4mMB4bv0U37YtJdTGW8jI0glAApi0Kh8= +golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1529,8 +1530,8 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 h1:uVc8UZUe6tr40fFVnUP5Oj+veunVezqYl9z7DYw9xzw= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= +golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180117170059-2c42eef0765b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1628,13 +1629,13 @@ golang.org/x/sys v0.0.0-20210910150752-751e447fb3d0/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw= -golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= +golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1647,8 +1648,8 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68= -golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1800,8 +1801,12 @@ google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f h1:BWUVssLB0HVOSY78gIdvk1dTVYtT1y8SBWtPYuTJ/6w= -google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= +google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98 h1:Z0hjGZePRE0ZBWotvtrwxFNrNE9CUAGtplaDK5NNI/g= +google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98/go.mod h1:S7mY02OqCJTD0E1OiQy1F72PWFB4bZJ87cAtLPYgDR0= +google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98 h1:FmF5cCW94Ij59cfpoLiwTgodWmm60eEV0CjlsVg2fuw= +google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98/go.mod h1:rsr7RhLuwsDKL7RmgDDCUc6yaGr1iqceVb5Wv6f6YvQ= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98 h1:bVf09lpb+OJbByTj913DRJioFFAjf/ZGxEz7MajTp2U= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98/go.mod h1:TUfxEVdsvPg18p6AslUXFoLdpED4oBnGwyqk3dV1XzM= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= @@ -1828,8 +1833,8 @@ google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= -google.golang.org/grpc v1.54.0 h1:EhTqbhiYeixwWQtAEZAxmV9MGqcjEU2mFx52xCzNyag= -google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g= +google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ= +google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -1843,8 +1848,8 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d/go.mod h1:cuepJuh7vyXfUyUwEgHQXw849cJrilpS5NeIjOWESAw= diff --git a/main.go b/main.go index 578b5cc25..cc94e0fcc 100644 --- a/main.go +++ b/main.go @@ -4,13 +4,13 @@ import ( "context" "github.com/go-logr/logr" - "github.com/goharbor/harbor-operator/pkg/exit" - "github.com/goharbor/harbor-operator/pkg/factories/application" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/pkg/manager" - "github.com/goharbor/harbor-operator/pkg/scheme" - "github.com/goharbor/harbor-operator/pkg/setup" - "github.com/goharbor/harbor-operator/pkg/tracing" + "github.com/plotly/harbor-operator/pkg/exit" + "github.com/plotly/harbor-operator/pkg/factories/application" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/manager" + "github.com/plotly/harbor-operator/pkg/scheme" + "github.com/plotly/harbor-operator/pkg/setup" + "github.com/plotly/harbor-operator/pkg/tracing" "github.com/ovh/configstore" _ "k8s.io/client-go/plugin/pkg/client/auth/gcp" ctrl "sigs.k8s.io/controller-runtime" diff --git a/manifests/cluster/deployment.yaml b/manifests/cluster/deployment.yaml index 0c1b57c29..fd30c6f73 100644 --- a/manifests/cluster/deployment.yaml +++ b/manifests/cluster/deployment.yaml @@ -12,7 +12,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 @@ -56,47 +56,31 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: ChartMuseum is the Schema for the ChartMuseum API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: ChartMuseumSpec defines the desired state of ChartMuseum. properties: authentication: properties: anonymousGet: default: false - description: Allow anonymous GET operations when auth is used type: boolean basicAuthRef: - description: 'Reference to secret containing basic http authentication - Harbor: Harbor try to connect using chart_controller username' pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string bearer: - description: Bearer authentication specs properties: certificateRef: - description: Reference to secret containing authorization - server certificate pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string realm: - description: Authorization server url type: string service: - description: Authorization server service name type: string required: - certificateRef @@ -105,40 +89,30 @@ spec: type: object type: object cache: - description: Cache stores properties: redis: - description: Redis cache store properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -152,40 +126,28 @@ spec: properties: allowOverwrite: default: true - description: Allow chart versions to be re-uploaded without ?force - querystring type: boolean index: properties: parallelLimit: - description: Parallel scan limit for the repo indexer format: int32 minimum: 0 type: integer storageTimestampTolerance: - description: Timestamp drift tolerated between cached and - generated index before invalidation pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object onlySemver2: default: false - description: Enforce the chart museum server only accepts the - valid chart version as Helm does type: boolean postFormFieldName: - description: Form fields which will be queried properties: chart: default: chart - description: 'Form field which will be queried for the chart - file content Harbor: Expecting chart to use with Harbor' minLength: 1 type: string provenance: default: prov - description: 'Form field which will be queried for the provenance - file content Harbor: Expecting prov to use with Harbor' minLength: 1 type: string type: object @@ -193,14 +155,11 @@ spec: properties: depth: default: 1 - description: 'Levels of nested repos for multitenancy Harbor: - must be set to 1 to support project namespace' format: int32 minimum: 0 type: integer depthDynamic: default: false - description: The length of repo variable type: boolean type: object storage: @@ -213,20 +172,14 @@ spec: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string bucket: - description: S3 bucket to store charts for amazon storage type: string endpoint: - description: Alternative s3 endpoint type: string prefix: - description: Prefix to store charts for the bucket type: string region: - description: Region of the bucket type: string serverSideEncryption: - description: ServerSideEncryption is the algorithm for - server side encryption type: string required: - bucket @@ -236,247 +189,105 @@ spec: prefix: type: string volumeSource: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching - mode: None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data - disk in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: - multiple blob disks per storage account Dedicated: - single blob disk per storage account Managed: - azure managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret - that contains Azure Storage Account Name and - Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on - the host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is - /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef - is reference to the authentication secret for - User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: - https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to - a secret object containing parameters used to - connect to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that - should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -484,156 +295,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which will - determine the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if - no secret is required. If the secret object - contains more than one secret, all secret references - are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, - defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' - path. Must be utf-8 encoded. The first - item of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults - to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to - select' type: string required: - resource @@ -645,132 +366,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default - medium. Must be an empty string (default) or - Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of - local storage required for this EmptyDir volume. - The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir - would be the minimum value between the SizeLimit - specified here and the sum of memory limits - of all containers in a pod. The default is nil - which means that the limit is undefined. More - info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the - volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or - capacity tracking are needed, c) the storage driver - is specified through a storage class, and d) the - storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that - way - see the documentation of the driver for more - information. \n A pod can use both types of ephemeral - volumes and persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will - be the owner of the PVC, i.e. the PVC will be - deleted together with the pod. The name of - the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the - pod if the concatenated name is not valid for - a PVC (for example, too long). \n An existing - PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting - the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has to - updated with an owner reference to the pod once - the pod exists. Normally this should not be - necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by - Kubernetes to the PVC after it has been created. - \n Required, must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will - be rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the - desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on - the contents of the specified data source. - When the AnyVolumeDataSource feature - gate is enabled, dataSource contents - will be copied to dataSourceRef, and - dataSourceRef contents will be copied - to dataSource when dataSourceRef.namespace - is not specified. If the namespace is - specified, then dataSourceRef will not - be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -778,106 +402,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate the - volume with data, if a non-empty volume - is desired. This may be any object from - a non-empty API group (non core object) - or a PersistentVolumeClaim object. When - this field is specified, volume binding - will only succeed if the type of the - specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such - if both fields are non-empty, they must - have the same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other - is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be empty. - There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores - disallowed values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is specified. - * While dataSource only allows local - objects, dataSourceRef allows objects - in any namespaces. (Beta) Using this - field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) - Using the namespace field of dataSourceRef - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the - minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but must - still be higher than capacity recorded - in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. - \n This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match - the name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -893,9 +436,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the - maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -904,51 +444,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted - for a container, it defaults to - Limits if that is explicitly specified, - otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query - over volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. items: type: string type: array @@ -960,32 +467,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the - name of the StorageClass required by - the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. - Value of Filesystem is implied when - not included in claim spec. type: string volumeName: - description: volumeName is the binding - reference to the PersistentVolume backing - this claim. type: string type: object required: @@ -993,83 +482,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and - then exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver - to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". The default filesystem depends on FlexVolume - script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field - holds extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -1077,201 +521,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the - Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD - resource in GCE. Used to identify the disk in - GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo is - deprecated. To provision a container with a git - repo, mount an EmptyDir into an InitContainer that - clones the repo using git, then mount the EmptyDir - into the Pod''s container.' properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will be - the git repository. Otherwise, if specified, - the volume will contain the git repository in - the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used - for system agents or other privileged things that - are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount - host directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether - support iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified - Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for - iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -1279,159 +610,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS - export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets - host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx - volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires - decimal values for mode bits. Directories within - the path are not affected by this setting. This - might be in conflict with other options that - affect the file mode, like fsGroup, and the - result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about - the configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the ConfigMap, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -1439,102 +676,42 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be - defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile - represents information to create - the file containing the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is - written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML - accepts both octal and decimal - values, JSON requires decimal - values for mode bits. If not - specified, the volume defaultMode - will be used. This might be - in conflict with other options - that affect the file mode, like - fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. - Must be utf-8 encoded. The first - item of the relative path must - not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the - output format of the exposed - resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -1546,57 +723,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the Secret, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -1604,50 +740,19 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify - whether the Secret or its key must - be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to - project properties: audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself with - an identifier specified in the audience - of the token, and otherwise should - reject the token. The audience defaults - to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of - the service account token. As the - token approaches expiration, the kubelet - volume plugin will proactively rotate - the service account token. The kubelet - will start trying to rotate the token - if the token is older than 80 percent - of its time to live or if the token - is older than 24 hours.Defaults to - 1 hour and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to - project the token into. type: string required: - path @@ -1656,161 +761,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on - the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Default is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured - storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage - system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -1818,62 +838,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -1881,83 +858,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to - use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override - the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will - be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage - Policy Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -1967,54 +897,33 @@ spec: - volumeSource type: object maxStorageObject: - description: Maximum number of objects allowed in storage - (per tenant) format: int64 minimum: 0 type: integer openstack: properties: authenticationURL: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string container: - description: Container to store charts for openstack storage - backend type: string domain: - description: Your Openstack domain name for Identity v3 - API. You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 - API. You can either use domain or domainid. type: string passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: Prefix to store charts for the container type: string region: - description: Region of the container type: string tenant: - description: Your Openstack tenant name. You can either - use tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either - use tenant or tenantid. type: string userid: - description: The Openstack user id. You can either use - username or userid. type: string username: - description: The Openstack user name. You can either use - username or userid. type: string required: - authenticationURL @@ -2022,42 +931,32 @@ spec: type: object type: object url: - description: The absolute url for .tgz files in index.yaml pattern: https?://.* type: string required: - storage type: object disable: - description: Disable some features properties: api: default: false - description: Disable all routes prefixed with type: boolean delete: default: false - description: Disable DELETE route type: boolean forceOverwrite: default: false - description: Do not allow chart versions to be re-uploaded, even - with ?force querystrin type: boolean metrics: default: false - description: Disable Prometheus metrics type: boolean statefiles: default: false - description: Disable use of index-cache.yaml type: boolean type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -2065,12 +964,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -2079,51 +974,31 @@ spec: properties: debug: default: false - description: Show debug messages type: boolean health: default: false - description: Log inbound /health requests type: boolean json: default: false - description: Output structured logs as json type: boolean latencyInteger: default: true - description: log latency as an integer instead of a string type: boolean type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -2139,8 +1014,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -2149,26 +1022,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object server: properties: corsAllowOrigin: - description: Value to set in the Access-Control-Allow-Origin HTTP - header type: string maxUploadSize: default: 20971520 - description: Max size of post body (in bytes) format: int64 minimum: 0 type: integer readTimeout: - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string tls: @@ -2178,18 +1043,14 @@ spec: type: string type: object writeTimeout: - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -2197,42 +1058,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -2240,28 +1077,17 @@ spec: - chart type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -2272,8 +1098,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -2286,7 +1110,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -2315,47 +1138,31 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: ChartMuseum is the Schema for the ChartMuseum API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: ChartMuseumSpec defines the desired state of ChartMuseum. properties: authentication: properties: anonymousGet: default: false - description: Allow anonymous GET operations when auth is used type: boolean basicAuthRef: - description: 'Reference to secret containing basic http authentication - Harbor: Harbor try to connect using chart_controller username' pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string bearer: - description: Bearer authentication specs properties: certificateRef: - description: Reference to secret containing authorization - server certificate pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string realm: - description: Authorization server url type: string service: - description: Authorization server service name type: string required: - certificateRef @@ -2364,40 +1171,30 @@ spec: type: object type: object cache: - description: Cache stores properties: redis: - description: Redis cache store properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -2411,40 +1208,28 @@ spec: properties: allowOverwrite: default: true - description: Allow chart versions to be re-uploaded without ?force - querystring type: boolean index: properties: parallelLimit: - description: Parallel scan limit for the repo indexer format: int32 minimum: 0 type: integer storageTimestampTolerance: - description: Timestamp drift tolerated between cached and - generated index before invalidation pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object onlySemver2: default: false - description: Enforce the chart museum server only accepts the - valid chart version as Helm does type: boolean postFormFieldName: - description: Form fields which will be queried properties: chart: default: chart - description: 'Form field which will be queried for the chart - file content Harbor: Expecting chart to use with Harbor' minLength: 1 type: string provenance: default: prov - description: 'Form field which will be queried for the provenance - file content Harbor: Expecting prov to use with Harbor' minLength: 1 type: string type: object @@ -2452,14 +1237,11 @@ spec: properties: depth: default: 1 - description: 'Levels of nested repos for multitenancy Harbor: - must be set to 1 to support project namespace' format: int32 minimum: 0 type: integer depthDynamic: default: false - description: The length of repo variable type: boolean type: object storage: @@ -2472,20 +1254,14 @@ spec: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string bucket: - description: S3 bucket to store charts for amazon storage type: string endpoint: - description: Alternative s3 endpoint type: string prefix: - description: Prefix to store charts for the bucket type: string region: - description: Region of the bucket type: string serverSideEncryption: - description: ServerSideEncryption is the algorithm for - server side encryption type: string required: - bucket @@ -2510,247 +1286,105 @@ spec: prefix: type: string volumeSource: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching - mode: None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data - disk in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: - multiple blob disks per storage account Dedicated: - single blob disk per storage account Managed: - azure managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret - that contains Azure Storage Account Name and - Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on - the host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is - /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef - is reference to the authentication secret for - User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: - https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to - a secret object containing parameters used to - connect to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that - should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -2758,156 +1392,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which will - determine the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if - no secret is required. If the secret object - contains more than one secret, all secret references - are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, - defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' - path. Must be utf-8 encoded. The first - item of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults - to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to - select' type: string required: - resource @@ -2919,132 +1463,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default - medium. Must be an empty string (default) or - Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of - local storage required for this EmptyDir volume. - The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir - would be the minimum value between the SizeLimit - specified here and the sum of memory limits - of all containers in a pod. The default is nil - which means that the limit is undefined. More - info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the - volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or - capacity tracking are needed, c) the storage driver - is specified through a storage class, and d) the - storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that - way - see the documentation of the driver for more - information. \n A pod can use both types of ephemeral - volumes and persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will - be the owner of the PVC, i.e. the PVC will be - deleted together with the pod. The name of - the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the - pod if the concatenated name is not valid for - a PVC (for example, too long). \n An existing - PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting - the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has to - updated with an owner reference to the pod once - the pod exists. Normally this should not be - necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by - Kubernetes to the PVC after it has been created. - \n Required, must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will - be rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the - desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on - the contents of the specified data source. - When the AnyVolumeDataSource feature - gate is enabled, dataSource contents - will be copied to dataSourceRef, and - dataSourceRef contents will be copied - to dataSource when dataSourceRef.namespace - is not specified. If the namespace is - specified, then dataSourceRef will not - be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -3052,106 +1499,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate the - volume with data, if a non-empty volume - is desired. This may be any object from - a non-empty API group (non core object) - or a PersistentVolumeClaim object. When - this field is specified, volume binding - will only succeed if the type of the - specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such - if both fields are non-empty, they must - have the same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other - is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be empty. - There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores - disallowed values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is specified. - * While dataSource only allows local - objects, dataSourceRef allows objects - in any namespaces. (Beta) Using this - field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) - Using the namespace field of dataSourceRef - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the - minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but must - still be higher than capacity recorded - in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. - \n This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match - the name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -3167,9 +1533,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the - maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -3178,51 +1541,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted - for a container, it defaults to - Limits if that is explicitly specified, - otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query - over volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. items: type: string type: array @@ -3234,32 +1564,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the - name of the StorageClass required by - the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. - Value of Filesystem is implied when - not included in claim spec. type: string volumeName: - description: volumeName is the binding - reference to the PersistentVolume backing - this claim. type: string type: object required: @@ -3267,83 +1579,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and - then exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver - to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". The default filesystem depends on FlexVolume - script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field - holds extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -3351,201 +1618,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the - Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD - resource in GCE. Used to identify the disk in - GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo is - deprecated. To provision a container with a git - repo, mount an EmptyDir into an InitContainer that - clones the repo using git, then mount the EmptyDir - into the Pod''s container.' properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will be - the git repository. Otherwise, if specified, - the volume will contain the git repository in - the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used - for system agents or other privileged things that - are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount - host directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether - support iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified - Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for - iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -3553,159 +1707,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS - export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets - host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx - volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires - decimal values for mode bits. Directories within - the path are not affected by this setting. This - might be in conflict with other options that - affect the file mode, like fsGroup, and the - result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about - the configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the ConfigMap, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -3713,102 +1773,42 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be - defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile - represents information to create - the file containing the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is - written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML - accepts both octal and decimal - values, JSON requires decimal - values for mode bits. If not - specified, the volume defaultMode - will be used. This might be - in conflict with other options - that affect the file mode, like - fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. - Must be utf-8 encoded. The first - item of the relative path must - not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the - output format of the exposed - resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -3820,57 +1820,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the Secret, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -3878,50 +1837,19 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify - whether the Secret or its key must - be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to - project properties: audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself with - an identifier specified in the audience - of the token, and otherwise should - reject the token. The audience defaults - to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of - the service account token. As the - token approaches expiration, the kubelet - volume plugin will proactively rotate - the service account token. The kubelet - will start trying to rotate the token - if the token is older than 80 percent - of its time to live or if the token - is older than 24 hours.Defaults to - 1 hour and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to - project the token into. type: string required: - path @@ -3930,161 +1858,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on - the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Default is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured - storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage - system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -4092,62 +1935,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -4155,83 +1955,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to - use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override - the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will - be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage - Policy Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -4243,13 +1996,10 @@ spec: gcs: properties: bucket: - description: bucket to store charts for Gcs storage type: string chunksize: type: string keyDataSecretRef: - description: The base64 encoded json file which contains - the key type: string pathPrefix: type: string @@ -4258,54 +2008,33 @@ spec: - keyDataSecretRef type: object maxStorageObject: - description: Maximum number of objects allowed in storage - (per tenant) format: int64 minimum: 0 type: integer openstack: properties: authenticationURL: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string container: - description: Container to store charts for openstack storage - backend type: string domain: - description: Your Openstack domain name for Identity v3 - API. You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 - API. You can either use domain or domainid. type: string passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: Prefix to store charts for the container type: string region: - description: Region of the container type: string tenant: - description: Your Openstack tenant name. You can either - use tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either - use tenant or tenantid. type: string userid: - description: The Openstack user id. You can either use - username or userid. type: string username: - description: The Openstack user name. You can either use - username or userid. type: string required: - authenticationURL @@ -4331,42 +2060,32 @@ spec: type: object type: object url: - description: The absolute url for .tgz files in index.yaml pattern: https?://.* type: string required: - storage type: object disable: - description: Disable some features properties: api: default: false - description: Disable all routes prefixed with type: boolean delete: default: false - description: Disable DELETE route type: boolean forceOverwrite: default: false - description: Do not allow chart versions to be re-uploaded, even - with ?force querystrin type: boolean metrics: default: false - description: Disable Prometheus metrics type: boolean statefiles: default: false - description: Disable use of index-cache.yaml type: boolean type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -4374,12 +2093,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -4388,61 +2103,38 @@ spec: properties: debug: default: false - description: Show debug messages type: boolean health: default: false - description: Log inbound /health requests type: boolean json: default: false - description: Output structured logs as json type: boolean latencyInteger: default: true - description: log latency as an integer instead of a string type: boolean type: object network: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -4458,8 +2150,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -4468,26 +2158,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object server: properties: corsAllowOrigin: - description: Value to set in the Access-Control-Allow-Origin HTTP - header type: string maxUploadSize: default: 20971520 - description: Max size of post body (in bytes) format: int64 minimum: 0 type: integer readTimeout: - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string tls: @@ -4497,18 +2179,14 @@ spec: type: string type: object writeTimeout: - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -4516,42 +2194,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -4559,28 +2213,17 @@ spec: - chart type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -4591,8 +2234,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -4605,7 +2246,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -4623,7 +2263,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 @@ -4667,22 +2307,14 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: Core is the Schema for the Core API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: CoreSpec defines the desired state of Core. properties: adminInitialPasswordRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' @@ -4761,34 +2393,26 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate - to authenticate with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when - connecting to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -4853,9 +2477,6 @@ spec: database: properties: database: - description: The database name. Defaults to be the same as the - user name. In certain contexts, the value is checked for extended - formats. minLength: 1 type: string encryptionKeyRef: @@ -4865,17 +2486,9 @@ spec: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -4898,17 +2511,11 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: @@ -4924,10 +2531,8 @@ spec: type: boolean type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -4935,12 +2540,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -4949,7 +2550,6 @@ spec: properties: level: default: info - description: CoreLogLevel is the log level for Core. enum: - debug - info @@ -4964,12 +2564,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -4977,9 +2575,6 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object proxy: properties: @@ -5005,69 +2600,44 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string idleTimeout: default: 30s - description: IdleTimeoutSecond closes connections after remaining - idle for this duration. If the value is zero, then idle connections - are not closed. Applications should set the timeout to a value - less than the server's timeout. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -5083,8 +2653,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -5093,23 +2661,16 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object secretRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -5117,42 +2678,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -5166,28 +2703,17 @@ spec: - secretRef type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -5198,8 +2724,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -5212,7 +2736,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -5241,22 +2764,14 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: Core is the Schema for the Core API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: CoreSpec defines the desired state of Core. properties: adminInitialPasswordRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' @@ -5335,34 +2850,26 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate - to authenticate with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when - connecting to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -5427,9 +2934,6 @@ spec: database: properties: database: - description: The database name. Defaults to be the same as the - user name. In certain contexts, the value is checked for extended - formats. minLength: 1 type: string encryptionKeyRef: @@ -5439,17 +2943,9 @@ spec: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -5472,17 +2968,11 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: @@ -5498,10 +2988,8 @@ spec: type: boolean type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -5509,12 +2997,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -5523,7 +3007,6 @@ spec: properties: level: default: info - description: CoreLogLevel is the log level for Core. enum: - debug - info @@ -5538,12 +3021,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -5552,18 +3033,12 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object proxy: properties: @@ -5589,69 +3064,44 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string idleTimeout: default: 30s - description: IdleTimeoutSecond closes connections after remaining - idle for this duration. If the value is zero, then idle connections - are not closed. Applications should set the timeout to a value - less than the server's timeout. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -5667,8 +3117,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -5677,23 +3125,16 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object secretRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -5701,42 +3142,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -5745,41 +3162,31 @@ spec: attributes: additionalProperties: type: string - description: A key value dict contains user defined attributes - used to initialize trace provider. type: object enabled: default: false - description: Enable tracing or not. type: boolean jaeger: properties: agent: properties: host: - description: The host of the jaeger agent. type: string port: - description: The port of the jaeger agent. type: integer type: object collector: properties: endpoint: - description: The endpoint of the jaeger collector. type: string passwordRef: - description: The password secret reference name of the - jaeger collector. type: string username: - description: The username of the jaeger collector. type: string required: - endpoint type: object mode: - description: 'The jaeger mode: ''collector'' or ''agent''.' enum: - collector - agent @@ -5788,43 +3195,31 @@ spec: - mode type: object namespace: - description: Namespace used to differentiate different harbor - services. type: string otel: properties: compression: - description: Whether enable compression or not for otel. type: boolean endpoint: - description: The endpoint of otel. type: string insecure: - description: Whether establish insecure connection or not - for otel. type: boolean timeout: default: 10s - description: The timeout of otel. type: string urlPath: - description: The URL path of otel. type: string required: - endpoint - urlPath type: object provider: - description: 'The tracing provider: ''jaeger'' or ''otel''.' enum: - jaeger - otel type: string sampleRate: default: 1 - description: Set `sampleRate` to 1 if you wanna sampling 100% - of trace data; set 0.5 if you wanna sampling 50% of trace data, - and so forth. type: integer required: - provider @@ -5839,28 +3234,17 @@ spec: - secretRef type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -5871,8 +3255,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -5885,7 +3267,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -5903,7 +3284,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 @@ -5947,42 +3328,29 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: Exporter is the Schema for the Exporter API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: ExporterSpec defines the desired state of Exporter. properties: cache: properties: cleanInterval: default: 4h - description: The interval to clean the cache info from the database - and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string duration: default: 30s - description: The duration to cache info from the database and - core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string type: object core: properties: url: - description: The absolute Harbor Core URL. pattern: https?://.+ type: string required: @@ -5991,9 +3359,6 @@ spec: database: properties: database: - description: The database name. Defaults to be the same as the - user name. In certain contexts, the value is checked for extended - formats. minLength: 1 type: string encryptionKeyRef: @@ -6003,17 +3368,9 @@ spec: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -6036,27 +3393,19 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: - encryptionKeyRef type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -6064,12 +3413,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -6078,7 +3423,6 @@ spec: properties: level: default: info - description: ExporterLogLevel is the log level for Exporter. enum: - debug - info @@ -6090,9 +3434,6 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object path: default: /metrics @@ -6104,28 +3445,15 @@ spec: minimum: 1 type: integer replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -6141,8 +3469,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -6151,20 +3477,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -6178,42 +3497,18 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -6222,28 +3517,17 @@ spec: - database type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -6254,8 +3538,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -6268,7 +3550,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -6297,42 +3578,29 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: Exporter is the Schema for the Exporter API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: ExporterSpec defines the desired state of Exporter. properties: cache: properties: cleanInterval: default: 4h - description: The interval to clean the cache info from the database - and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string duration: default: 30s - description: The duration to cache info from the database and - core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string type: object core: properties: url: - description: The absolute Harbor Core URL. pattern: https?://.+ type: string required: @@ -6341,9 +3609,6 @@ spec: database: properties: database: - description: The database name. Defaults to be the same as the - user name. In certain contexts, the value is checked for extended - formats. minLength: 1 type: string encryptionKeyRef: @@ -6353,17 +3618,9 @@ spec: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -6386,27 +3643,19 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: - encryptionKeyRef type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -6414,12 +3663,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -6427,47 +3672,34 @@ spec: jobservice: properties: redisPool: - description: RedisPoolConfig keeps redis worker info. properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string idleTimeout: default: 30s - description: IdleTimeoutSecond closes connections after remaining - idle for this duration. If the value is zero, then idle - connections are not closed. Applications should set the - timeout to a value less than the server's timeout. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string namespace: type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -6477,7 +3709,6 @@ spec: properties: level: default: info - description: ExporterLogLevel is the log level for Exporter. enum: - debug - info @@ -6490,18 +3721,12 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object path: default: /metrics @@ -6513,28 +3738,15 @@ spec: minimum: 1 type: integer replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -6550,8 +3762,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -6560,20 +3770,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -6587,42 +3790,18 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -6631,28 +3810,17 @@ spec: - database type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -6663,8 +3831,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -6677,7 +3843,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -6695,7 +3860,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 @@ -6746,39 +3911,27 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: HarborCluster is the Schema for the harborclusters API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: HarborClusterSpec defines the desired state of HarborCluster. properties: chartmuseum: properties: absoluteUrl: default: false - description: Harbor defaults ChartMuseum to returning relative - urls, if you want using absolute url you should enable it type: boolean certificateRefs: items: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -6786,12 +3939,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -6799,35 +3948,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -6843,8 +3974,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -6853,20 +3982,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -6874,43 +3996,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -6922,10 +4019,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -6933,12 +4028,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -6950,12 +4041,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -6963,35 +4052,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -7007,8 +4078,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7017,20 +4086,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -7038,82 +4100,42 @@ spec: description: Custom Labels to be added into the pods type: object tokenIssuer: - description: ObjectReference is a reference to an object with - a given name, kind and group. properties: group: - description: Group of the resource being referred to. type: string kind: - description: Kind of the resource being referred to. type: string name: - description: Name of the resource being referred to. type: string required: - name type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array type: object database: - description: Skip OpenAPI schema validation Use validating webhook - to do verification (field required) properties: hosts: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -7124,15 +4146,11 @@ spec: minItems: 1 type: array passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: type: string sslMode: - description: PostgreSQL has native support for using SSL connections - to encrypt client/server communications for increased security. enum: - disable - allow @@ -7142,9 +4160,6 @@ spec: - verify-full type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: @@ -7156,22 +4171,16 @@ spec: properties: cleanInterval: default: 4h - description: The interval to clean the cache info from the - database and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string duration: default: 30s - description: The duration to cache info from the database - and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -7179,12 +4188,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -7192,46 +4197,26 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object path: default: /metrics - description: The metrics path of the exporter. pattern: /.+ type: string port: default: 8001 - description: The port of the exporter. format: int32 minimum: 1 type: integer replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -7247,8 +4232,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7257,20 +4240,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -7278,43 +4254,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -7331,7 +4282,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -7351,8 +4301,6 @@ spec: type: object type: object notary: - description: The ingress of the notary, required when notary component - enabled. properties: ingress: properties: @@ -7362,7 +4310,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -7391,26 +4338,16 @@ spec: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string imageChartStorage: - description: Skip OpenAPI schema validation Use validating webhook - to do verification (field required) properties: filesystem: - description: 'FileSystem is an implementation of the storagedriver.StorageDriver - interface which uses the local filesystem. The local filesystem - can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/' properties: chartPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -7418,9 +4355,6 @@ spec: registryPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string maxthreads: default: 100 @@ -7430,8 +4364,6 @@ spec: prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -7446,53 +4378,30 @@ spec: type: boolean type: object s3: - description: 'An implementation of the storagedriver.StorageDriver - interface which uses Amazon S3 or S3 compatible services for - object storage. See: https://docs.docker.com/registry/storage-drivers/s3/' properties: accesskey: - description: The AWS Access Key. If you use IAM roles, omit - to fetch temporary credentials from IAM. type: string bucket: - description: The bucket name in which you want to store the - registry’s data. type: string certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string chunksize: - description: The S3 API requires multipart upload chunks to - be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the image - in encrypted format or not. A boolean value. type: boolean keyid: - description: KMS key ID to use for encryption (encrypt must - be true, or this parameter is ignored). type: string region: - description: The AWS region in which your bucket exists. For - the moment, the Go AWS library in use does not use the newer - DNS based bucket routing. For a list of regions, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html type: string regionendpoint: - description: Endpoint for S3 compatible storage services (Minio, - etc). type: string rootdirectory: - description: This is a prefix that is applied to all S3 keys - to allow you to segment data in your bucket if necessary. type: string secretkeyRef: - description: Reference to the secret containing the AWS Secret - Key. If you use IAM roles, omit to fetch temporary credentials - from IAM. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string secure: @@ -7500,64 +4409,37 @@ spec: type: boolean skipverify: default: false - description: Skips TLS verification when the value is set - to true. type: boolean storageclass: default: STANDARD - description: The S3 storage class applied to each registry - file. type: string v4auth: default: true - description: Indicates whether the registry uses Version 4 - of AWS’s authentication. type: boolean required: - bucket - region type: object swift: - description: 'An implementation of the storagedriver.StorageDriver - interface that uses OpenStack Swift for object storage. See: - https://docs.docker.com/registry/storage-drivers/swift/' properties: accesskey: - description: The access key to generate temporary URLs. It - is used by HP Cloud Object Storage in addition to the secretkey - parameter. type: string authurl: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string authversion: - description: Specify the OpenStack Auth’s version, for example - 3. By default the driver autodetects the auth’s version - from the authurl. type: string chunksize: - description: Size of the data segments for the Swift Dynamic - Large Objects. This value should be a number. format: int64 minimum: 5242880 type: integer container: - description: The name of your Swift container where you wish - to store the registry’s data. The driver creates the named - container during its initialization. type: string domain: - description: Your Openstack domain name for Identity v3 API. - You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 API. - You can either use domain or domainid. type: string endpointtype: default: public - description: The endpoint type used when connecting to swift. enum: - public - internal @@ -7565,39 +4447,24 @@ spec: type: string insecureskipverify: default: false - description: Skips TLS verification if the value is set to - true. type: boolean passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: This is a prefix that is applied to all Swift - keys to allow you to segment data in your container if necessary. - Defaults to the container’s root. type: string region: - description: The Openstack region in which your container - exists. type: string secretkeyRef: - description: The secret key used to generate temporary URLs. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tenant: - description: Your Openstack tenant name. You can either use - tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either use - tenant or tenantid. type: string trustid: - description: Your Openstack trust ID for Identity v3 API. type: string username: - description: The Openstack user name. type: string required: - authurl @@ -7607,7 +4474,6 @@ spec: imageSource: properties: imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -7615,42 +4481,28 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array repository: - description: The default repository for the images of the components. - eg docker.io/goharbor/ type: string tagSuffix: - description: The tag suffix for the images of the images of the - components. eg '-patch1' type: string type: object inClusterCache: - description: Cache configuration for in-cluster cache services properties: kind: - description: Set the kind of cache service to be used. Only support - Redis now. enum: - Redis type: string redisSpec: - description: RedisSpec is the specification of redis. properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -7658,53 +4510,29 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array sentinel: - description: Sentinel is the configuration of the redis sentinel. properties: replicas: default: 1 - description: Replicas is the instance number of redis - sentinel. type: integer type: object server: - description: Server is the configuration of the redis server. properties: replicas: default: 1 - description: Replicas is the instance number of redis - server. type: integer resources: - description: Resources is the resources requests and limits - for redis. properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used by - this container. \n This is an alpha field and requires - enabling the DynamicResourceAllocation feature gate. - \n This field is immutable." items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -7720,8 +4548,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7730,19 +4556,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object storage: - description: Storage is the size of the redis storage. type: string storageClassName: - description: StorageClassName is the storage class name - of the redis storage. type: string type: object type: object @@ -7751,21 +4569,16 @@ spec: - redisSpec type: object inClusterDatabase: - description: Database configuration for in-cluster database service properties: kind: - description: Set the kind of which database service to be used, - Only support PostgresSQL now. enum: - PostgresSQL type: string postgresSqlSpec: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -7773,38 +4586,21 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array replicas: - description: Replicas defines database instance replicas minimum: 1 type: integer resources: - description: Resources defines database pod resource config properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -7820,8 +4616,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7830,19 +4624,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object storage: - description: Storage defines database data store pvc size type: string storageClassName: - description: StorageClassName defines use which StorageClass - to create pvc type: string type: object required: @@ -7850,22 +4636,16 @@ spec: - postgresSqlSpec type: object inClusterStorage: - description: Storage configuration for in-cluster storage service properties: kind: - description: Kind of which storage service to be used. Only support - MinIO now. enum: - MinIO type: string minIOSpec: - description: inCLuster options. properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -7873,25 +4653,17 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array mc: - description: MinIOClientSpec the spec for the mc properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -7899,26 +4671,17 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the - same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic type: array type: object redirect: - description: Determine if the redirection of minio storage - is disabled. properties: enable: default: true - description: Default is true type: boolean expose: properties: @@ -7930,7 +4693,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -7953,31 +4715,15 @@ spec: - enable type: object replicas: - description: Supply number of replicas. For standalone mode, - supply 1. For distributed mode, supply 4 to 16 drives (should - be even). Note that the operator does not support upgrading - from standalone to distributed mode. format: int32 minimum: 1 type: integer resources: - description: If provided, use these requests and limit for - cpu/memory resource allocation properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -7993,8 +4739,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8003,76 +4747,32 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object secretRef: - description: Reference to the secret containing the MinIO - access key and secret key. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string volumeClaimTemplate: - description: VolumeClaimTemplate allows a user to specify - how volumes inside a MinIOInstance properties: apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' type: object spec: - description: 'spec defines the desired characteristics - of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the desired access - modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used to specify - either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) If the - provisioner or an external controller can support - the specified data source, it will create a new - volume based on the contents of the specified data - source. When the AnyVolumeDataSource feature gate - is enabled, dataSource contents will be copied to - dataSourceRef, and dataSourceRef contents will be - copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace is specified, - then dataSourceRef will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API group. - For any other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource being - referenced type: string name: - description: Name is the name of resource being - referenced type: string required: - kind @@ -8080,89 +4780,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the object from - which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a - non-empty API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume binding - will only succeed if the type of the specified object - matches some installed volume populator or dynamic - provisioner. This field will replace the functionality - of the dataSource field and as such if both fields - are non-empty, they must have the same value. For - backwards compatibility, when namespace isn''t specified - in dataSourceRef, both fields (dataSource and dataSourceRef) - will be set to the same value automatically if one - of them is empty and the other is non-empty. When - namespace is specified in dataSourceRef, dataSource - isn''t set to the same value and must be empty. - There are three important differences between dataSource - and dataSourceRef: * While dataSource only allows - two specific types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves all values, - and generates an error if a disallowed value is - specified. * While dataSource only allows local - objects, dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using the namespace - field of dataSourceRef requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API group. - For any other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource being - referenced type: string name: - description: Name is the name of resource being - referenced type: string namespace: - description: Namespace is the namespace of resource - being referenced Note that when a namespace - is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept the - reference. See the ReferenceGrant documentation - for details. (Alpha) This field requires the - CrossNamespaceVolumeDataSource feature gate - to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum resources - the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify - resource requirements that are lower than previous - value but must still be higher than capacity recorded - in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used - by this container. \n This is an alpha field - and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of - one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes - that resource available inside a container. type: string required: - name @@ -8178,8 +4814,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8188,43 +4822,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over volumes - to consider for binding. properties: matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. items: - description: A label selector requirement is - a selector that contains values, a key, and - an operator that relates the key and values. properties: key: - description: key is the label key that the - selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If - the operator is Exists or DoesNotExist, - the values array must be empty. This array - is replaced during a strategic merge patch. items: type: string type: array @@ -8236,38 +4845,19 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". - The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name of the - StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type of volume - is required by the claim. Value of Filesystem is - implied when not included in claim spec. type: string volumeName: - description: volumeName is the binding reference to - the PersistentVolume backing this claim. type: string type: object status: - description: 'status represents the current information/status - of a persistent volume claim. Read-only. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the actual access - modes the volume backing the PVC has. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array @@ -8278,20 +4868,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage resource - within AllocatedResources tracks the capacity allocated - to a PVC. It may be larger than the actual capacity - when a volume expansion operation is requested. - For storage quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used for - quota calculation. If a volume expansion capacity - request is lowered, allocatedResources is only lowered - if there are no expansion operations in progress - and if the actual volume capacity is equal or lower - than the requested capacity. This is an alpha field - and requires enabling RecoverVolumeExpansionFailure - feature. type: object capacity: additionalProperties: @@ -8300,46 +4876,23 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: capacity represents the actual resources - of the underlying volume. type: object conditions: - description: conditions is the current Condition of - persistent volume claim. If underlying persistent - volume is being resized then the Condition will - be set to 'ResizeStarted'. items: - description: PersistentVolumeClaimCondition contails - details about state of pvc properties: lastProbeTime: - description: lastProbeTime is the time we probed - the condition. format: date-time type: string lastTransitionTime: - description: lastTransitionTime is the time - the condition transitioned from one status - to another. format: date-time type: string message: - description: message is the human-readable message - indicating details about last transition. type: string reason: - description: reason is a unique, this should - be a short, machine understandable string - that gives the reason for condition's last - transition. If it reports "ResizeStarted" - that means the underlying persistent volume - is being resized. type: string status: type: string type: - description: PersistentVolumeClaimConditionType - is a valid value of PersistentVolumeClaimCondition.Type type: string required: - status @@ -8347,22 +4900,12 @@ spec: type: object type: array phase: - description: phase represents the current phase of - PersistentVolumeClaim. type: string resizeStatus: - description: resizeStatus stores status of resize - operation. ResizeStatus is not set by default but - when expansion is complete resizeStatus is set to - empty string by resize controller or kubelet. This - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature. type: string type: object type: object volumesPerServer: - description: Number of persistent volumes that will be attached - per server format: int32 minimum: 1 type: integer @@ -8387,10 +4930,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -8398,12 +4939,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -8411,35 +4948,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -8455,8 +4974,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8465,20 +4982,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -8486,43 +4996,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -8534,7 +5019,6 @@ spec: type: object logLevel: default: info - description: HarborLogLevel is the log level for Harbor. enum: - debug - info @@ -8546,15 +5030,12 @@ spec: properties: migrationEnabled: default: true - description: Inject migration configuration to notary resources type: boolean server: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -8562,13 +5043,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -8576,36 +5052,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -8621,8 +5078,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8631,21 +5086,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -8653,44 +5100,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -8698,10 +5119,8 @@ spec: signer: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -8709,13 +5128,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -8723,36 +5137,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -8768,8 +5163,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8778,21 +5171,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -8800,44 +5185,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -8846,10 +5205,8 @@ spec: portal: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -8857,12 +5214,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -8870,35 +5223,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -8914,8 +5249,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8924,20 +5257,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -8945,43 +5271,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -9013,31 +5314,22 @@ spec: type: array type: object redis: - description: Skip OpenAPI schema validation Use validating webhook - to do verification (field required) properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -9049,10 +5341,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -9060,12 +5350,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -9077,12 +5363,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -9090,38 +5374,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object relativeURLs: default: true type: boolean replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -9137,8 +5403,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -9147,15 +5411,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storageMiddlewares: items: @@ -9172,7 +5430,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -9180,43 +5437,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -9224,10 +5456,8 @@ spec: registryctl: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -9235,12 +5465,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -9248,35 +5474,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -9292,8 +5500,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -9302,20 +5508,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -9323,43 +5522,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -9371,14 +5545,10 @@ spec: type: string type: array githubTokenRef: - description: The name of the secret containing the token to connect - to GitHub API. type: string image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -9386,12 +5556,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -9399,35 +5565,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -9443,8 +5591,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -9453,57 +5599,33 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string skipUpdate: default: false - description: The flag to enable or disable Trivy DB downloads - from GitHub type: boolean storage: properties: cachePersistentVolume: - description: CachePersistentVolume specify the persistent - volume used to store Trivy cache. If empty, empty dir will - be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object reportsPersistentVolume: - description: ReportsPersistentVolume specify the persistent - volume used to store Trivy reports. If empty, empty dir - will be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -9512,7 +5634,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -9520,43 +5641,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -9567,7 +5663,6 @@ spec: default: RollingUpdate type: string version: - description: The version of the harbor, eg 2.1.2 pattern: '[0-9]+\.[0-9]+\.[0-9]+' type: string required: @@ -9577,33 +5672,20 @@ spec: - version type: object status: - description: HarborClusterStatus defines the observed state of HarborCluster. properties: conditions: - description: Conditions of each components items: - description: HarborClusterCondition contains details for the current - condition of this pod. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. format: date-time type: string message: - description: Human-readable message indicating details about - last transition. type: string reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. type: string status: - description: Status is the status of the condition. Can be True, - False, Unknown. type: string type: - description: Type is the type of the condition. type: string required: - status @@ -9614,8 +5696,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -9628,14 +5708,9 @@ spec: type: string type: object revision: - description: Revision of the status Use unix nano format: int64 type: integer status: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file Status indicates the overall status of the Harbor cluster - Status can be "unknown", "creating", "healthy" and "unhealthy"' type: string required: - revision @@ -9668,60 +5743,41 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: HarborCluster is the Schema for the harborclusters API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: HarborClusterSpec defines the desired state of HarborCluster. properties: cache: - description: Cache configuration for in-cluster cache services properties: kind: - description: Set the kind of cache service to be used. Only support - Redis now. enum: - Redis - RedisFailover type: string spec: - description: RedisSpec is the specification of redis. properties: redis: properties: certificateRef: - description: Secret containing the client certificate - to authenticate with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when - connecting to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -9729,10 +5785,8 @@ spec: redisFailover: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -9740,14 +5794,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the - same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -9755,43 +5803,22 @@ spec: operatorVersion: type: string sentinel: - description: Sentinel is the configuration of the redis - sentinel. properties: replicas: default: 1 - description: Replicas is the instance number of redis - sentinel. type: integer type: object server: - description: Server is the configuration of the redis - server. properties: replicas: default: 1 - description: Replicas is the instance number of redis - server. type: integer resources: - description: Resources is the resources requests and - limits for redis. properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used - by this container. \n This is an alpha field - and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of - one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes - that resource available inside a container. type: string required: - name @@ -9807,8 +5834,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -9817,12 +5842,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: @@ -9830,11 +5849,8 @@ spec: name of the redis server. type: string storage: - description: Storage is the size of the redis storage. type: string storageClassName: - description: StorageClassName is the storage class - name of the redis storage. type: string type: object required: @@ -9849,18 +5865,14 @@ spec: properties: absoluteUrl: default: false - description: Harbor defaults ChartMuseum to returning relative - urls, if you want using absolute url you should enable it type: boolean certificateRefs: items: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -9868,12 +5880,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -9881,35 +5889,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -9925,8 +5915,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -9935,20 +5923,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -9956,43 +5937,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -10004,10 +5960,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -10015,12 +5969,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -10042,12 +5992,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -10055,35 +6003,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -10099,8 +6029,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -10109,20 +6037,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -10130,59 +6051,29 @@ spec: description: Custom Labels to be added into the pods type: object tokenIssuer: - description: ObjectReference is a reference to an object with - a given name, kind and group. properties: group: - description: Group of the resource being referred to. type: string kind: - description: Kind of the resource being referred to. type: string name: - description: Name of the resource being referred to. type: string required: - name type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -10190,11 +6081,8 @@ spec: - tokenIssuer type: object database: - description: Database configuration for in-cluster database service properties: kind: - description: Set the kind of which database service to be used, - Only support PostgreSQL now. enum: - PostgreSQL - Zlando/PostgreSQL @@ -10207,18 +6095,9 @@ spec: items: properties: host: - description: Name of host to connect to. If a host - name begins with a slash, it specifies Unix-domain - communication rather than TCP/IP communication; - the value is the name of the directory in which - the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server - host, or socket file name extension for Unix-domain - connections. Zero, specifies the default port - number established when PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -10229,16 +6108,11 @@ spec: minItems: 1 type: array passwordRef: - description: Secret containing the password to be used - if the server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: type: string sslMode: - description: PostgreSQL has native support for using SSL - connections to encrypt client/server communications - for increased security. enum: - disable - allow @@ -10248,24 +6122,18 @@ spec: - verify-full type: string username: - description: PostgreSQL user name to connect as. Defaults - to be the same as the operating system name of the user - running the application. minLength: 1 type: string required: - hosts type: object zlandoPostgreSql: - description: ZlandoPostgreSQL properties: connectTimeout: type: integer image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -10273,14 +6141,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the - same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -10290,24 +6152,11 @@ spec: replicas: type: integer resources: - description: ResourceRequirements describes the compute - resource requirements. properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used by - this container. \n This is an alpha field and requires - enabling the DynamicResourceAllocation feature gate. - \n This field is immutable." items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -10323,8 +6172,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -10333,11 +6180,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object sslConfig: @@ -10360,22 +6202,16 @@ spec: properties: cleanInterval: default: 4h - description: The interval to clean the cache info from the - database and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string duration: default: 30s - description: The duration to cache info from the database - and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -10383,12 +6219,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -10396,46 +6228,26 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object path: default: /metrics - description: The metrics path of the exporter. pattern: /.+ type: string port: default: 8001 - description: The port of the exporter. format: int32 minimum: 1 type: integer replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -10451,8 +6263,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -10461,20 +6271,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -10482,43 +6285,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -10535,7 +6313,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -10557,8 +6334,6 @@ spec: type: object type: object notary: - description: The ingress of the notary, required when notary component - enabled. properties: ingress: properties: @@ -10568,7 +6343,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -10601,7 +6375,6 @@ spec: imageSource: properties: imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -10609,23 +6382,15 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array repository: - description: The default repository for the images of the components. - eg docker.io/goharbor/ type: string tagSuffix: - description: The tag suffix for the images of the images of the - components. eg '-patch1' type: string type: object internalTLS: @@ -10641,10 +6406,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -10652,12 +6415,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -10669,12 +6428,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -10682,35 +6439,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -10726,8 +6465,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -10736,33 +6473,19 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: scanDataExportsPersistentVolume: - description: ScanDataExportsPersistentVolume specify the persistent - volume used to store data exports. If empty, empty dir will - be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -10771,7 +6494,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -10779,43 +6501,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -10827,7 +6524,6 @@ spec: type: object logLevel: default: info - description: HarborLogLevel is the log level for Harbor. enum: - debug - info @@ -10836,13 +6532,9 @@ spec: - fatal type: string network: - description: Network settings for the harbor properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object @@ -10850,15 +6542,12 @@ spec: properties: migrationEnabled: default: true - description: Inject migration configuration to notary resources type: boolean server: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -10866,13 +6555,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -10880,36 +6564,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -10925,8 +6590,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -10935,21 +6598,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -10957,44 +6612,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -11002,10 +6631,8 @@ spec: signer: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -11013,13 +6640,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -11027,36 +6649,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -11072,8 +6675,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -11082,21 +6683,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -11104,44 +6697,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -11150,10 +6717,8 @@ spec: portal: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -11161,12 +6726,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -11174,35 +6735,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -11218,8 +6761,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -11228,20 +6769,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -11249,43 +6783,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -11323,10 +6832,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -11334,12 +6841,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -11351,12 +6854,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -11364,38 +6865,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object relativeURLs: default: true type: boolean replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -11411,8 +6894,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -11421,15 +6902,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storageMiddlewares: items: @@ -11446,7 +6921,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -11454,43 +6928,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -11498,10 +6947,8 @@ spec: registryctl: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -11509,12 +6956,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -11522,35 +6965,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -11566,8 +6991,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -11576,20 +6999,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -11597,53 +7013,25 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array type: object storage: - description: Storage configuration for in-cluster storage service properties: kind: - description: Kind of which storage service to be used. Only support - MinIO now. enum: - MinIO - S3 @@ -11654,7 +7042,6 @@ spec: - Oss type: string spec: - description: the spec of Storage. properties: azure: properties: @@ -11676,15 +7063,10 @@ spec: chartPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -11692,9 +7074,6 @@ spec: registryPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string maxthreads: default: 100 @@ -11704,8 +7083,6 @@ spec: prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -11716,25 +7093,19 @@ spec: gcs: properties: bucket: - description: bucket to store charts for Gcs storage type: string chunkSize: type: string keyDataRef: - description: The base64 encoded json file which contains - the key type: string pathPrefix: type: string type: object minIO: - description: inCluster options. properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -11742,26 +7113,17 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the - same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic type: array mc: - description: MinIOClientSpec the spec for the mc properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -11769,15 +7131,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough - information to let you locate the referenced object - inside the same namespace. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -11785,15 +7140,11 @@ spec: type: object operatorVersion: default: 4.0.6 - description: the version of minIO operator type: string redirect: - description: deprecated Determine if the redirection of - minio storage is disabled. properties: enable: default: true - description: Default is true type: boolean expose: properties: @@ -11805,7 +7156,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -11830,33 +7180,15 @@ spec: - enable type: object replicas: - description: Supply number of replicas. For standalone - mode, supply 1. For distributed mode, supply 4 to 16 - drives (should be even). Note that the operator does - not support upgrading from standalone to distributed - mode. format: int32 minimum: 1 type: integer resources: - description: If provided, use these requests and limit - for cpu/memory resource allocation properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used by - this container. \n This is an alpha field and requires - enabling the DynamicResourceAllocation feature gate. - \n This field is immutable." items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -11872,8 +7204,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -11882,81 +7212,32 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object secretRef: - description: Reference to the secret containing the MinIO - access key and secret key. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string volumeClaimTemplate: - description: VolumeClaimTemplate allows a user to specify - how volumes inside a MinIOInstance properties: apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' type: object spec: - description: 'spec defines the desired characteristics - of a volume requested by a pod author. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used to - specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) If - the provisioner or an external controller can - support the specified data source, it will create - a new volume based on the contents of the specified - data source. When the AnyVolumeDataSource feature - gate is enabled, dataSource contents will be - copied to dataSourceRef, and dataSourceRef contents - will be copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace is specified, - then dataSourceRef will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for the - resource being referenced. If APIGroup is - not specified, the specified Kind must be - in the core API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -11964,94 +7245,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the object - from which to populate the volume with data, - if a non-empty volume is desired. This may be - any object from a non-empty API group (non core - object) or a PersistentVolumeClaim object. When - this field is specified, volume binding will - only succeed if the type of the specified object - matches some installed volume populator or dynamic - provisioner. This field will replace the functionality - of the dataSource field and as such if both - fields are non-empty, they must have the same - value. For backwards compatibility, when namespace - isn''t specified in dataSourceRef, both fields - (dataSource and dataSourceRef) will be set to - the same value automatically if one of them - is empty and the other is non-empty. When namespace - is specified in dataSourceRef, dataSource isn''t - set to the same value and must be empty. There - are three important differences between dataSource - and dataSourceRef: * While dataSource only allows - two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed - values (dropping them), dataSourceRef preserves - all values, and generates an error if a disallowed - value is specified. * While dataSource only - allows local objects, dataSourceRef allows objects - in any namespaces. (Beta) Using this field requires - the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for the - resource being referenced. If APIGroup is - not specified, the specified Kind must be - in the core API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace of - resource being referenced Note that when - a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant documentation - for details. (Alpha) This field requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify - resource requirements that are lower than previous - value but must still be higher than capacity - recorded in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are - used by this container. \n This is an alpha - field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one - entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name - of one entry in pod.spec.resourceClaims - of the Pod where this field is used. - It makes that resource available inside - a container. type: string required: - name @@ -12067,9 +7279,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -12078,46 +7287,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. If - Requests is omitted for a container, it - defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over volumes - to consider for binding. properties: matchExpressions: - description: matchExpressions is a list of - label selector requirements. The requirements - are ANDed. items: - description: A label selector requirement - is a selector that contains values, a - key, and an operator that relates the - key and values. properties: key: - description: key is the label key that - the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -12129,39 +7310,19 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only - "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name of - the StorageClass required by the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type of volume - is required by the claim. Value of Filesystem - is implied when not included in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object status: - description: 'status represents the current information/status - of a persistent volume claim. Read-only. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the actual - access modes the volume backing the PVC has. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array @@ -12172,20 +7333,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage - resource within AllocatedResources tracks the - capacity allocated to a PVC. It may be larger - than the actual capacity when a volume expansion - operation is requested. For storage quota, the - larger value from allocatedResources and PVC.spec.resources - is used. If allocatedResources is not set, PVC.spec.resources - alone is used for quota calculation. If a volume - expansion capacity request is lowered, allocatedResources - is only lowered if there are no expansion operations - in progress and if the actual volume capacity - is equal or lower than the requested capacity. - This is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature. type: object capacity: additionalProperties: @@ -12194,47 +7341,23 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: capacity represents the actual resources - of the underlying volume. type: object conditions: - description: conditions is the current Condition - of persistent volume claim. If underlying persistent - volume is being resized then the Condition will - be set to 'ResizeStarted'. items: - description: PersistentVolumeClaimCondition - contails details about state of pvc properties: lastProbeTime: - description: lastProbeTime is the time we - probed the condition. format: date-time type: string lastTransitionTime: - description: lastTransitionTime is the time - the condition transitioned from one status - to another. format: date-time type: string message: - description: message is the human-readable - message indicating details about last - transition. type: string reason: - description: reason is a unique, this should - be a short, machine understandable string - that gives the reason for condition's - last transition. If it reports "ResizeStarted" - that means the underlying persistent volume - is being resized. type: string status: type: string type: - description: PersistentVolumeClaimConditionType - is a valid value of PersistentVolumeClaimCondition.Type type: string required: - status @@ -12242,22 +7365,12 @@ spec: type: object type: array phase: - description: phase represents the current phase - of PersistentVolumeClaim. type: string resizeStatus: - description: resizeStatus stores status of resize - operation. ResizeStatus is not set by default - but when expansion is complete resizeStatus - is set to empty string by resize controller - or kubelet. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. type: string type: object type: object volumesPerServer: - description: Number of persistent volumes that will be - attached per server format: int32 minimum: 1 type: integer @@ -12275,15 +7388,11 @@ spec: bucket: type: string chunksize: - description: The Oss API requires multipart upload chunks - to be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the - image in encrypted format or not. A boolean value. type: boolean endpoint: type: string @@ -12305,12 +7414,9 @@ spec: - region type: object redirect: - description: Determine if the redirection of minio storage - is disabled. properties: enable: default: true - description: Default is true type: boolean expose: properties: @@ -12322,7 +7428,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -12349,30 +7454,20 @@ spec: s3: properties: accesskey: - description: The AWS Access Key. If you use IAM roles, - omit to fetch temporary credentials from IAM. type: string bucket: - description: The bucket name in which you want to store - the registry’s data. type: string certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string chunksize: - description: The S3 API requires multipart upload chunks - to be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the - image in encrypted format or not. A boolean value. type: boolean keyid: - description: KMS key ID to use for encryption (encrypt - must be true, or this parameter is ignored). type: string multipartcopychunksize: format: int64 @@ -12384,24 +7479,12 @@ spec: format: int64 type: integer region: - description: The AWS region in which your bucket exists. - For the moment, the Go AWS library in use does not use - the newer DNS based bucket routing. For a list of regions, - see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html type: string regionendpoint: - description: Endpoint for S3 compatible storage services - (Minio, etc). type: string rootdirectory: - description: This is a prefix that is applied to all S3 - keys to allow you to segment data in your bucket if - necessary. type: string secretkeyRef: - description: Reference to the secret containing the AWS - Secret Key. If you use IAM roles, omit to fetch temporary - credentials from IAM. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string secure: @@ -12409,18 +7492,12 @@ spec: type: boolean skipverify: default: false - description: Skips TLS verification when the value is - set to true. type: boolean storageclass: default: STANDARD - description: The S3 storage class applied to each registry - file. type: string v4auth: default: true - description: Indicates whether the registry uses Version - 4 of AWS’s authentication. type: boolean required: - bucket @@ -12429,42 +7506,23 @@ spec: swift: properties: accesskey: - description: The access key to generate temporary URLs. - It is used by HP Cloud Object Storage in addition to - the secretkey parameter. type: string authurl: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string authversion: - description: Specify the OpenStack Auth’s version, for - example 3. By default the driver autodetects the auth’s - version from the authurl. type: string chunksize: - description: Size of the data segments for the Swift Dynamic - Large Objects. This value should be a number. format: int64 minimum: 5242880 type: integer container: - description: The name of your Swift container where you - wish to store the registry’s data. The driver creates - the named container during its initialization. type: string domain: - description: Your Openstack domain name for Identity v3 - API. You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 - API. You can either use domain or domainid. type: string endpointtype: default: public - description: The endpoint type used when connecting to - swift. enum: - public - internal @@ -12472,40 +7530,24 @@ spec: type: string insecureskipverify: default: false - description: Skips TLS verification if the value is set - to true. type: boolean passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: This is a prefix that is applied to all Swift - keys to allow you to segment data in your container - if necessary. Defaults to the container’s root. type: string region: - description: The Openstack region in which your container - exists. type: string secretkeyRef: - description: The secret key used to generate temporary - URLs. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tenant: - description: Your Openstack tenant name. You can either - use tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either - use tenant or tenantid. type: string trustid: - description: Your Openstack trust ID for Identity v3 API. type: string username: - description: The Openstack user name. type: string required: - authurl @@ -12517,46 +7559,35 @@ spec: - spec type: object trace: - description: Trace settings for the harbor properties: attributes: additionalProperties: type: string - description: A key value dict contains user defined attributes - used to initialize trace provider. type: object enabled: default: false - description: Enable tracing or not. type: boolean jaeger: properties: agent: properties: host: - description: The host of the jaeger agent. type: string port: - description: The port of the jaeger agent. type: integer type: object collector: properties: endpoint: - description: The endpoint of the jaeger collector. type: string passwordRef: - description: The password secret reference name of the - jaeger collector. type: string username: - description: The username of the jaeger collector. type: string required: - endpoint type: object mode: - description: 'The jaeger mode: ''collector'' or ''agent''.' enum: - collector - agent @@ -12565,43 +7596,31 @@ spec: - mode type: object namespace: - description: Namespace used to differentiate different harbor - services. type: string otel: properties: compression: - description: Whether enable compression or not for otel. type: boolean endpoint: - description: The endpoint of otel. type: string insecure: - description: Whether establish insecure connection or not - for otel. type: boolean timeout: default: 10s - description: The timeout of otel. type: string urlPath: - description: The URL path of otel. type: string required: - endpoint - urlPath type: object provider: - description: 'The tracing provider: ''jaeger'' or ''otel''.' enum: - jaeger - otel type: string sampleRate: default: 1 - description: Set `sampleRate` to 1 if you wanna sampling 100% - of trace data; set 0.5 if you wanna sampling 50% of trace data, - and so forth. type: integer required: - provider @@ -12613,14 +7632,10 @@ spec: type: string type: array githubTokenRef: - description: The name of the secret containing the token to connect - to GitHub API. type: string image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -12628,12 +7643,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -12641,42 +7652,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object offlineScan: default: false - description: Option prevents Trivy from sending API requests to - identify dependencies. This option doesn’t affect DB download. - You need to specify "skip-update" as well as "offline-scan" - in an air-gapped environment. type: boolean replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -12692,8 +7681,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -12702,57 +7689,33 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string skipUpdate: default: false - description: The flag to enable or disable Trivy DB downloads - from GitHub type: boolean storage: properties: cachePersistentVolume: - description: CachePersistentVolume specify the persistent - volume used to store Trivy cache. If empty, empty dir will - be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object reportsPersistentVolume: - description: ReportsPersistentVolume specify the persistent - volume used to store Trivy reports. If empty, empty dir - will be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -12761,7 +7724,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -12769,43 +7731,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -12816,7 +7753,6 @@ spec: default: RollingUpdate type: string version: - description: The version of the harbor, eg 2.1.2 pattern: '[0-9]+\.[0-9]+\.[0-9]+' type: string required: @@ -12829,33 +7765,20 @@ spec: - version type: object status: - description: HarborClusterStatus defines the observed state of HarborCluster. properties: conditions: - description: Conditions of each components items: - description: HarborClusterCondition contains details for the current - condition of this pod. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. format: date-time type: string message: - description: Human-readable message indicating details about - last transition. type: string reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. type: string status: - description: Status is the status of the condition. Can be True, - False, Unknown. type: string type: - description: Type is the type of the condition. type: string required: - status @@ -12866,8 +7789,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -12880,14 +7801,9 @@ spec: type: string type: object revision: - description: Revision of the status Use unix nano format: int64 type: integer status: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file Status indicates the overall status of the Harbor cluster - Status can be "unknown", "creating", "healthy" and "unhealthy"' type: string required: - revision @@ -12903,11 +7819,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 - creationTimestamp: null name: harborconfigurations.goharbor.io spec: group: goharbor.io @@ -12941,424 +7856,259 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: HarborConfiguration is the Schema for the harbors configuration. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: HarborConfigurationSpec defines the spec of HarborConfiguration. properties: configuration: - description: Configuration defines the harbor configuration types. properties: authMode: - description: The auth mode of current system, such as "db_auth", - "ldap_auth", "oidc_auth". type: string emailFrom: - description: The sender name for Email notification. type: string emailHost: - description: The hostname of SMTP server that sends Email notification. type: string emailIdentity: - description: By default it's empty so the email_username is picked type: string emailInsecure: - description: Whether or not the certificate will be verified when - Harbor tries to access the email server. type: boolean emailPassword: - description: Email password. type: string emailPort: - description: The port of SMTP server. type: integer emailSsl: - description: When it''s set to true the system will access Email - server via TLS by default. If it''s set to false, it still - will handle "STARTTLS" from server side. type: boolean emailUsername: - description: The username for authenticate against SMTP server. type: string httpAuthproxyAdminGroups: - description: The group which has the harbor admin privileges. type: string httpAuthproxyAdminUsernames: - description: The username which has the harbor admin privileges. type: string httpAuthproxyEndpoint: - description: The endpoint of the HTTP auth. type: string httpAuthproxyServerCertificate: - description: The certificate of the HTTP auth provider. type: boolean httpAuthproxySkipSearch: - description: Search user before onboard. type: boolean httpAuthproxyTokenreviewEndpoint: - description: The token review endpoint. type: string httpAuthproxyVerifyCert: - description: Verify the HTTP auth provider's certificate. type: boolean ldapBaseDn: - description: The Base DN for LDAP binding. type: string ldapFilter: - description: The filter for LDAP search. type: string ldapGroupAdminDn: - description: Specify the ldap group which have the same privilege - with Harbor admin. type: string ldapGroupAttributeName: - description: The attribute which is used as identity of the LDAP - group, default is cn. type: string ldapGroupBaseDn: - description: The base DN to search LDAP group. type: string ldapGroupMembershipAttribute: - description: The user attribute to identify the group membership. type: string ldapGroupSearchFilter: - description: The filter to search the ldap group. type: string ldapGroupSearchScope: - description: The scope to search ldap group. ''0-LDAP_SCOPE_BASE, - 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE''. type: integer ldapScope: - description: The scope to search ldap users,'0-LDAP_SCOPE_BASE, - 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'. type: integer ldapSearchDn: - description: The DN of the user to do the search. type: string ldapSearchPassword: - description: The password ref of the ldap search dn. type: string ldapTimeout: - description: Timeout in seconds for connection to LDAP server. type: integer ldapUid: - description: The attribute which is used as identity for the LDAP - binding, such as "CN" or "SAMAccountname". type: string ldapUrl: - description: The URL of LDAP server. type: string ldapVerifyCert: - description: Whether verify your OIDC server certificate, disable - it if your OIDC server is hosted via self-hosted certificate. type: boolean notificationEnable: - description: Enable notification. type: boolean oidcAdminGroup: - description: The OIDC group which has the harbor admin privileges. type: string oidcAutoOnboard: - description: Auto onboard the OIDC user. type: boolean oidcClientId: - description: The client ID of the OIDC provider. type: string oidcClientSecret: - description: The OIDC provider secret. type: string oidcEndpoint: - description: The endpoint of the OIDC provider. type: string oidcExtraRedirectParms: - description: Extra parameters to add when redirect request to - OIDC provider. type: string oidcGroupsClaim: - description: The attribute claims the group name. type: string oidcName: - description: The OIDC provider name. type: string oidcScope: - description: The scope of the OIDC provider. type: string oidcUserClaim: - description: The attribute claims the username. type: string oidcVerifyCert: - description: Verify the OIDC provider's certificate'. type: boolean projectCreationRestriction: - description: Indicate who can create projects, it could be ''adminonly'' - or ''everyone''. type: string quotaPerProjectEnable: - description: Enable quota per project. type: boolean readOnly: - description: The flag to indicate whether Harbor is in readonly - mode. type: boolean robotNamePrefix: - description: The rebot account name prefix. type: string robotTokenDuration: - description: The robot account token duration in days. type: integer selfRegistration: - description: Whether the Harbor instance supports self-registration. If - it''s set to false, admin need to add user to the instance. type: boolean storagePerProject: - description: The storage quota per project. type: integer tokenExpiration: - description: The expiration time of the token for internal Registry, - in minutes. type: integer uaaClientId: - description: The client id of UAA. type: string uaaClientSecret: - description: The client secret of the UAA. type: string uaaEndpoint: - description: The endpoint of the UAA. type: string uaaVerifyCert: - description: Verify the certificate in UAA server. type: boolean type: object harborClusterRef: - description: HarborClusterRef defines the reference of the harbor - cluster name. type: string type: object status: - description: HarborConfigurationStatus defines the status of HarborConfiguration. properties: lastApplyTime: - description: LastApplyTime represents the last apply configuration - time. format: date-time type: string lastConfiguration: - description: LastConfiguration represents the configuration of last - time. properties: configuration: - description: Configuration defines the harbor configuration types. properties: authMode: - description: The auth mode of current system, such as "db_auth", - "ldap_auth", "oidc_auth". type: string emailFrom: - description: The sender name for Email notification. type: string emailHost: - description: The hostname of SMTP server that sends Email - notification. type: string emailIdentity: - description: By default it's empty so the email_username is - picked type: string emailInsecure: - description: Whether or not the certificate will be verified - when Harbor tries to access the email server. type: boolean emailPassword: - description: Email password. type: string emailPort: - description: The port of SMTP server. type: integer emailSsl: - description: When it''s set to true the system will access - Email server via TLS by default. If it''s set to false, - it still will handle "STARTTLS" from server side. type: boolean emailUsername: - description: The username for authenticate against SMTP server. type: string httpAuthproxyAdminGroups: - description: The group which has the harbor admin privileges. type: string httpAuthproxyAdminUsernames: - description: The username which has the harbor admin privileges. type: string httpAuthproxyEndpoint: - description: The endpoint of the HTTP auth. type: string httpAuthproxyServerCertificate: - description: The certificate of the HTTP auth provider. type: boolean httpAuthproxySkipSearch: - description: Search user before onboard. type: boolean httpAuthproxyTokenreviewEndpoint: - description: The token review endpoint. type: string httpAuthproxyVerifyCert: - description: Verify the HTTP auth provider's certificate. type: boolean ldapBaseDn: - description: The Base DN for LDAP binding. type: string ldapFilter: - description: The filter for LDAP search. type: string ldapGroupAdminDn: - description: Specify the ldap group which have the same privilege - with Harbor admin. type: string ldapGroupAttributeName: - description: The attribute which is used as identity of the - LDAP group, default is cn. type: string ldapGroupBaseDn: - description: The base DN to search LDAP group. type: string ldapGroupMembershipAttribute: - description: The user attribute to identify the group membership. type: string ldapGroupSearchFilter: - description: The filter to search the ldap group. type: string ldapGroupSearchScope: - description: The scope to search ldap group. ''0-LDAP_SCOPE_BASE, - 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE''. type: integer ldapScope: - description: The scope to search ldap users,'0-LDAP_SCOPE_BASE, - 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'. type: integer ldapSearchDn: - description: The DN of the user to do the search. type: string ldapSearchPassword: - description: The password ref of the ldap search dn. type: string ldapTimeout: - description: Timeout in seconds for connection to LDAP server. type: integer ldapUid: - description: The attribute which is used as identity for the - LDAP binding, such as "CN" or "SAMAccountname". type: string ldapUrl: - description: The URL of LDAP server. type: string ldapVerifyCert: - description: Whether verify your OIDC server certificate, - disable it if your OIDC server is hosted via self-hosted - certificate. type: boolean notificationEnable: - description: Enable notification. type: boolean oidcAdminGroup: - description: The OIDC group which has the harbor admin privileges. type: string oidcAutoOnboard: - description: Auto onboard the OIDC user. type: boolean oidcClientId: - description: The client ID of the OIDC provider. type: string oidcClientSecret: - description: The OIDC provider secret. type: string oidcEndpoint: - description: The endpoint of the OIDC provider. type: string oidcExtraRedirectParms: - description: Extra parameters to add when redirect request - to OIDC provider. type: string oidcGroupsClaim: - description: The attribute claims the group name. type: string oidcName: - description: The OIDC provider name. type: string oidcScope: - description: The scope of the OIDC provider. type: string oidcUserClaim: - description: The attribute claims the username. type: string oidcVerifyCert: - description: Verify the OIDC provider's certificate'. type: boolean projectCreationRestriction: - description: Indicate who can create projects, it could be - ''adminonly'' or ''everyone''. type: string quotaPerProjectEnable: - description: Enable quota per project. type: boolean readOnly: - description: The flag to indicate whether Harbor is in readonly - mode. type: boolean robotNamePrefix: - description: The rebot account name prefix. type: string robotTokenDuration: - description: The robot account token duration in days. type: integer selfRegistration: - description: Whether the Harbor instance supports self-registration. If - it''s set to false, admin need to add user to the instance. type: boolean storagePerProject: - description: The storage quota per project. type: integer tokenExpiration: - description: The expiration time of the token for internal - Registry, in minutes. type: integer uaaClientId: - description: The client id of UAA. type: string uaaClientSecret: - description: The client secret of the UAA. type: string uaaEndpoint: - description: The endpoint of the UAA. type: string uaaVerifyCert: - description: Verify the certificate in UAA server. type: boolean type: object harborClusterRef: - description: HarborClusterRef defines the reference of the harbor - cluster name. type: string type: object message: - description: Message provides human-readable message. type: string reason: - description: Reason represents status reason. type: string status: - description: Status represents harbor configuration status. type: string type: object type: object @@ -13416,14 +8166,8 @@ spec: description: HarborProject is the Schema for the harbors projects. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -13529,8 +8273,6 @@ spec: description: HarborProjectStatus defines the status of HarborProject. properties: lastApplyTime: - description: LastApplyTime represents the last apply configuration - time. format: date-time type: string membershipHash: @@ -13538,7 +8280,6 @@ spec: in project membership. type: string message: - description: Message provides human-readable message. type: string projectID: description: ProjectID represents ID of the managed project. @@ -13550,7 +8291,6 @@ spec: format: int64 type: integer reason: - description: Reason represents status reason. type: string status: description: Status represents harbor project status. @@ -13567,7 +8307,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 @@ -13623,39 +8363,27 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: Harbor is the Schema for the harbors API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: HarborSpec defines the desired state of Harbor. properties: chartmuseum: properties: absoluteUrl: default: false - description: Harbor defaults ChartMuseum to returning relative - urls, if you want using absolute url you should enable it type: boolean certificateRefs: items: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -13663,12 +8391,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -13676,35 +8400,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -13720,8 +8426,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -13730,20 +8434,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -13751,43 +8448,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -13799,10 +8471,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -13810,12 +8480,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -13827,12 +8493,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -13840,35 +8504,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -13884,8 +8530,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -13894,20 +8538,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -13915,82 +8552,42 @@ spec: description: Custom Labels to be added into the pods type: object tokenIssuer: - description: ObjectReference is a reference to an object with - a given name, kind and group. properties: group: - description: Group of the resource being referred to. type: string kind: - description: Kind of the resource being referred to. type: string name: - description: Name of the resource being referred to. type: string required: - name type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array type: object database: - description: Skip OpenAPI schema validation Use validating webhook - to do verification (field required) properties: hosts: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -14001,15 +8598,11 @@ spec: minItems: 1 type: array passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: type: string sslMode: - description: PostgreSQL has native support for using SSL connections - to encrypt client/server communications for increased security. enum: - disable - allow @@ -14019,9 +8612,6 @@ spec: - verify-full type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: @@ -14033,22 +8623,16 @@ spec: properties: cleanInterval: default: 4h - description: The interval to clean the cache info from the - database and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string duration: default: 30s - description: The duration to cache info from the database - and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -14056,12 +8640,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -14069,46 +8649,26 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object path: default: /metrics - description: The metrics path of the exporter. pattern: /.+ type: string port: default: 8001 - description: The port of the exporter. format: int32 minimum: 1 type: integer replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -14124,8 +8684,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -14134,20 +8692,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -14155,43 +8706,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -14208,7 +8734,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -14228,8 +8753,6 @@ spec: type: object type: object notary: - description: The ingress of the notary, required when notary component - enabled. properties: ingress: properties: @@ -14239,7 +8762,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -14268,26 +8790,16 @@ spec: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string imageChartStorage: - description: Skip OpenAPI schema validation Use validating webhook - to do verification (field required) properties: filesystem: - description: 'FileSystem is an implementation of the storagedriver.StorageDriver - interface which uses the local filesystem. The local filesystem - can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/' properties: chartPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -14295,9 +8807,6 @@ spec: registryPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string maxthreads: default: 100 @@ -14307,8 +8816,6 @@ spec: prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -14323,53 +8830,30 @@ spec: type: boolean type: object s3: - description: 'An implementation of the storagedriver.StorageDriver - interface which uses Amazon S3 or S3 compatible services for - object storage. See: https://docs.docker.com/registry/storage-drivers/s3/' properties: accesskey: - description: The AWS Access Key. If you use IAM roles, omit - to fetch temporary credentials from IAM. type: string bucket: - description: The bucket name in which you want to store the - registry’s data. type: string certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string chunksize: - description: The S3 API requires multipart upload chunks to - be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the image - in encrypted format or not. A boolean value. type: boolean keyid: - description: KMS key ID to use for encryption (encrypt must - be true, or this parameter is ignored). type: string region: - description: The AWS region in which your bucket exists. For - the moment, the Go AWS library in use does not use the newer - DNS based bucket routing. For a list of regions, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html type: string regionendpoint: - description: Endpoint for S3 compatible storage services (Minio, - etc). type: string rootdirectory: - description: This is a prefix that is applied to all S3 keys - to allow you to segment data in your bucket if necessary. type: string secretkeyRef: - description: Reference to the secret containing the AWS Secret - Key. If you use IAM roles, omit to fetch temporary credentials - from IAM. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string secure: @@ -14377,64 +8861,37 @@ spec: type: boolean skipverify: default: false - description: Skips TLS verification when the value is set - to true. type: boolean storageclass: default: STANDARD - description: The S3 storage class applied to each registry - file. type: string v4auth: default: true - description: Indicates whether the registry uses Version 4 - of AWS’s authentication. type: boolean required: - bucket - region type: object swift: - description: 'An implementation of the storagedriver.StorageDriver - interface that uses OpenStack Swift for object storage. See: - https://docs.docker.com/registry/storage-drivers/swift/' properties: accesskey: - description: The access key to generate temporary URLs. It - is used by HP Cloud Object Storage in addition to the secretkey - parameter. type: string authurl: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string authversion: - description: Specify the OpenStack Auth’s version, for example - 3. By default the driver autodetects the auth’s version - from the authurl. type: string chunksize: - description: Size of the data segments for the Swift Dynamic - Large Objects. This value should be a number. format: int64 minimum: 5242880 type: integer container: - description: The name of your Swift container where you wish - to store the registry’s data. The driver creates the named - container during its initialization. type: string domain: - description: Your Openstack domain name for Identity v3 API. - You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 API. - You can either use domain or domainid. type: string endpointtype: default: public - description: The endpoint type used when connecting to swift. enum: - public - internal @@ -14442,39 +8899,24 @@ spec: type: string insecureskipverify: default: false - description: Skips TLS verification if the value is set to - true. type: boolean passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: This is a prefix that is applied to all Swift - keys to allow you to segment data in your container if necessary. - Defaults to the container’s root. type: string region: - description: The Openstack region in which your container - exists. type: string secretkeyRef: - description: The secret key used to generate temporary URLs. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tenant: - description: Your Openstack tenant name. You can either use - tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either use - tenant or tenantid. type: string trustid: - description: Your Openstack trust ID for Identity v3 API. type: string username: - description: The Openstack user name. type: string required: - authurl @@ -14484,7 +8926,6 @@ spec: imageSource: properties: imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -14492,23 +8933,15 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array repository: - description: The default repository for the images of the components. - eg docker.io/goharbor/ type: string tagSuffix: - description: The tag suffix for the images of the images of the - components. eg '-patch1' type: string type: object internalTLS: @@ -14524,10 +8957,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -14535,12 +8966,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -14548,35 +8975,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -14592,8 +9001,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -14602,20 +9009,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -14623,43 +9023,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -14671,7 +9046,6 @@ spec: type: object logLevel: default: info - description: HarborLogLevel is the log level for Harbor. enum: - debug - info @@ -14683,15 +9057,12 @@ spec: properties: migrationEnabled: default: true - description: Inject migration configuration to notary resources type: boolean server: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -14699,13 +9070,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -14713,36 +9079,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -14758,8 +9105,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -14768,21 +9113,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -14790,44 +9127,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -14835,10 +9146,8 @@ spec: signer: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -14846,13 +9155,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -14860,36 +9164,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -14905,8 +9190,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -14915,21 +9198,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -14937,44 +9212,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -14983,10 +9232,8 @@ spec: portal: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -14994,12 +9241,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -15007,35 +9250,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -15051,8 +9276,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -15061,20 +9284,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -15082,43 +9298,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -15150,31 +9341,22 @@ spec: type: array type: object redis: - description: Skip OpenAPI schema validation Use validating webhook - to do verification (field required) properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -15186,10 +9368,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -15197,12 +9377,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -15214,12 +9390,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -15227,38 +9401,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object relativeURLs: default: true type: boolean replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -15274,8 +9430,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -15284,15 +9438,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storageMiddlewares: items: @@ -15309,7 +9457,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -15317,43 +9464,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -15361,10 +9483,8 @@ spec: registryctl: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -15372,12 +9492,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -15385,35 +9501,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -15429,8 +9527,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -15439,20 +9535,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -15460,43 +9549,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -15508,14 +9572,10 @@ spec: type: string type: array githubTokenRef: - description: The name of the secret containing the token to connect - to GitHub API. type: string image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -15523,12 +9583,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -15536,35 +9592,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -15580,8 +9618,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -15590,57 +9626,33 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string skipUpdate: default: false - description: The flag to enable or disable Trivy DB downloads - from GitHub type: boolean storage: properties: cachePersistentVolume: - description: CachePersistentVolume specify the persistent - volume used to store Trivy cache. If empty, empty dir will - be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object reportsPersistentVolume: - description: ReportsPersistentVolume specify the persistent - volume used to store Trivy reports. If empty, empty dir - will be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -15649,7 +9661,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -15657,43 +9668,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -15704,7 +9690,6 @@ spec: default: RollingUpdate type: string version: - description: The version of the harbor, eg 2.1.2 pattern: '[0-9]+\.[0-9]+\.[0-9]+' type: string required: @@ -15714,28 +9699,17 @@ spec: - version type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -15746,8 +9720,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -15760,7 +9732,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -15799,39 +9770,27 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: Harbor is the Schema for the harbors API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: HarborSpec defines the desired state of Harbor. properties: chartmuseum: properties: absoluteUrl: default: false - description: Harbor defaults ChartMuseum to returning relative - urls, if you want using absolute url you should enable it type: boolean certificateRefs: items: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -15839,12 +9798,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -15852,35 +9807,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -15896,8 +9833,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -15906,20 +9841,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -15927,43 +9855,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -15975,10 +9878,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -15986,12 +9887,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -16013,12 +9910,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -16026,35 +9921,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -16070,8 +9947,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -16080,20 +9955,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -16101,59 +9969,29 @@ spec: description: Custom Labels to be added into the pods type: object tokenIssuer: - description: ObjectReference is a reference to an object with - a given name, kind and group. properties: group: - description: Group of the resource being referred to. type: string kind: - description: Kind of the resource being referred to. type: string name: - description: Name of the resource being referred to. type: string required: - name type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -16166,17 +10004,9 @@ spec: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -16187,15 +10017,11 @@ spec: minItems: 1 type: array passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: type: string sslMode: - description: PostgreSQL has native support for using SSL connections - to encrypt client/server communications for increased security. enum: - disable - allow @@ -16205,9 +10031,6 @@ spec: - verify-full type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: @@ -16219,22 +10042,16 @@ spec: properties: cleanInterval: default: 4h - description: The interval to clean the cache info from the - database and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string duration: default: 30s - description: The duration to cache info from the database - and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -16242,12 +10059,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -16255,46 +10068,26 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object path: default: /metrics - description: The metrics path of the exporter. pattern: /.+ type: string port: default: 8001 - description: The port of the exporter. format: int32 minimum: 1 type: integer replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -16310,8 +10103,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -16320,20 +10111,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -16341,43 +10125,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -16394,7 +10153,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -16416,8 +10174,6 @@ spec: type: object type: object notary: - description: The ingress of the notary, required when notary component - enabled. properties: ingress: properties: @@ -16427,7 +10183,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -16460,9 +10215,6 @@ spec: imageChartStorage: properties: azure: - description: An implementation of the storagedriver.StorageDriver - interface which uses Microsoft Azure Blob Storage for object - storage. See https://docs.docker.com/registry/storage-drivers/azure/ properties: accountkeyRef: type: string @@ -16478,22 +10230,14 @@ spec: type: string type: object filesystem: - description: 'FileSystem is an implementation of the storagedriver.StorageDriver - interface which uses the local filesystem. The local filesystem - can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/' properties: chartPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -16501,9 +10245,6 @@ spec: registryPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string maxthreads: default: 100 @@ -16513,8 +10254,6 @@ spec: prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -16523,24 +10262,17 @@ spec: - registryPersistentVolume type: object gcs: - description: An implementation of the storagedriver.StorageDriver - interface which uses Google Cloud for object storage. See https://docs.docker.com/registry/storage-drivers/gcs/ properties: bucket: - description: bucket to store charts for Gcs storage type: string chunkSize: type: string keyDataRef: - description: The base64 encoded json file which contains the - key type: string pathPrefix: type: string type: object oss: - description: An implementation of the storagedriver.StorageDriver - interface which uses Alibaba Cloud for object storage. See https://docs.docker.com/registry/storage-drivers/oss/ properties: accessKeyID: type: string @@ -16549,15 +10281,11 @@ spec: bucket: type: string chunksize: - description: The Oss API requires multipart upload chunks - to be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the image - in encrypted format or not. A boolean value. type: boolean endpoint: type: string @@ -16585,35 +10313,22 @@ spec: type: boolean type: object s3: - description: 'An implementation of the storagedriver.StorageDriver - interface which uses Amazon S3 or S3 compatible services for - object storage. See: https://docs.docker.com/registry/storage-drivers/s3/' properties: accesskey: - description: The AWS Access Key. If you use IAM roles, omit - to fetch temporary credentials from IAM. type: string bucket: - description: The bucket name in which you want to store the - registry’s data. type: string certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string chunksize: - description: The S3 API requires multipart upload chunks to - be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the image - in encrypted format or not. A boolean value. type: boolean keyid: - description: KMS key ID to use for encryption (encrypt must - be true, or this parameter is ignored). type: string multipartcopychunksize: format: int64 @@ -16625,22 +10340,12 @@ spec: format: int64 type: integer region: - description: The AWS region in which your bucket exists. For - the moment, the Go AWS library in use does not use the newer - DNS based bucket routing. For a list of regions, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html type: string regionendpoint: - description: Endpoint for S3 compatible storage services (Minio, - etc). type: string rootdirectory: - description: This is a prefix that is applied to all S3 keys - to allow you to segment data in your bucket if necessary. type: string secretkeyRef: - description: Reference to the secret containing the AWS Secret - Key. If you use IAM roles, omit to fetch temporary credentials - from IAM. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string secure: @@ -16648,64 +10353,37 @@ spec: type: boolean skipverify: default: false - description: Skips TLS verification when the value is set - to true. type: boolean storageclass: default: STANDARD - description: The S3 storage class applied to each registry - file. type: string v4auth: default: true - description: Indicates whether the registry uses Version 4 - of AWS’s authentication. type: boolean required: - bucket - region type: object swift: - description: 'An implementation of the storagedriver.StorageDriver - interface that uses OpenStack Swift for object storage. See: - https://docs.docker.com/registry/storage-drivers/swift/' properties: accesskey: - description: The access key to generate temporary URLs. It - is used by HP Cloud Object Storage in addition to the secretkey - parameter. type: string authurl: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string authversion: - description: Specify the OpenStack Auth’s version, for example - 3. By default the driver autodetects the auth’s version - from the authurl. type: string chunksize: - description: Size of the data segments for the Swift Dynamic - Large Objects. This value should be a number. format: int64 minimum: 5242880 type: integer container: - description: The name of your Swift container where you wish - to store the registry’s data. The driver creates the named - container during its initialization. type: string domain: - description: Your Openstack domain name for Identity v3 API. - You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 API. - You can either use domain or domainid. type: string endpointtype: default: public - description: The endpoint type used when connecting to swift. enum: - public - internal @@ -16713,39 +10391,24 @@ spec: type: string insecureskipverify: default: false - description: Skips TLS verification if the value is set to - true. type: boolean passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: This is a prefix that is applied to all Swift - keys to allow you to segment data in your container if necessary. - Defaults to the container’s root. type: string region: - description: The Openstack region in which your container - exists. type: string secretkeyRef: - description: The secret key used to generate temporary URLs. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tenant: - description: Your Openstack tenant name. You can either use - tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either use - tenant or tenantid. type: string trustid: - description: Your Openstack trust ID for Identity v3 API. type: string username: - description: The Openstack user name. type: string required: - authurl @@ -16755,7 +10418,6 @@ spec: imageSource: properties: imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -16763,23 +10425,15 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array repository: - description: The default repository for the images of the components. - eg docker.io/goharbor/ type: string tagSuffix: - description: The tag suffix for the images of the images of the - components. eg '-patch1' type: string type: object internalTLS: @@ -16795,10 +10449,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -16806,12 +10458,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -16823,12 +10471,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -16836,35 +10482,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -16880,8 +10508,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -16890,33 +10516,19 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: scanDataExportsPersistentVolume: - description: ScanDataExportsPersistentVolume specify the persistent - volume used to store data exports. If empty, empty dir will - be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -16925,7 +10537,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -16933,43 +10544,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -16981,7 +10567,6 @@ spec: type: object logLevel: default: info - description: HarborLogLevel is the log level for Harbor. enum: - debug - info @@ -16990,13 +10575,9 @@ spec: - fatal type: string network: - description: Network settings for the harbor properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object @@ -17004,15 +10585,12 @@ spec: properties: migrationEnabled: default: true - description: Inject migration configuration to notary resources type: boolean server: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -17020,13 +10598,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17034,36 +10607,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -17079,8 +10633,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -17089,21 +10641,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -17111,44 +10655,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -17156,10 +10674,8 @@ spec: signer: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -17167,13 +10683,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17181,36 +10692,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -17226,8 +10718,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -17236,21 +10726,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -17258,44 +10740,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -17304,10 +10760,8 @@ spec: portal: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -17315,12 +10769,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17328,35 +10778,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -17372,8 +10804,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -17382,20 +10812,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -17403,43 +10826,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -17473,27 +10871,20 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -17505,10 +10896,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -17516,12 +10905,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17533,12 +10918,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -17546,38 +10929,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object relativeURLs: default: true type: boolean replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -17593,8 +10958,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -17603,15 +10966,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storageMiddlewares: items: @@ -17628,7 +10985,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -17636,43 +10992,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -17680,10 +11011,8 @@ spec: registryctl: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -17691,12 +11020,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17704,35 +11029,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -17748,8 +11055,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -17758,20 +11063,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -17779,88 +11077,52 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array type: object trace: - description: Trace settings for the harbor properties: attributes: additionalProperties: type: string - description: A key value dict contains user defined attributes - used to initialize trace provider. type: object enabled: default: false - description: Enable tracing or not. type: boolean jaeger: properties: agent: properties: host: - description: The host of the jaeger agent. type: string port: - description: The port of the jaeger agent. type: integer type: object collector: properties: endpoint: - description: The endpoint of the jaeger collector. type: string passwordRef: - description: The password secret reference name of the - jaeger collector. type: string username: - description: The username of the jaeger collector. type: string required: - endpoint type: object mode: - description: 'The jaeger mode: ''collector'' or ''agent''.' enum: - collector - agent @@ -17869,43 +11131,31 @@ spec: - mode type: object namespace: - description: Namespace used to differentiate different harbor - services. type: string otel: properties: compression: - description: Whether enable compression or not for otel. type: boolean endpoint: - description: The endpoint of otel. type: string insecure: - description: Whether establish insecure connection or not - for otel. type: boolean timeout: default: 10s - description: The timeout of otel. type: string urlPath: - description: The URL path of otel. type: string required: - endpoint - urlPath type: object provider: - description: 'The tracing provider: ''jaeger'' or ''otel''.' enum: - jaeger - otel type: string sampleRate: default: 1 - description: Set `sampleRate` to 1 if you wanna sampling 100% - of trace data; set 0.5 if you wanna sampling 50% of trace data, - and so forth. type: integer required: - provider @@ -17917,14 +11167,10 @@ spec: type: string type: array githubTokenRef: - description: The name of the secret containing the token to connect - to GitHub API. type: string image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -17932,12 +11178,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17945,42 +11187,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object offlineScan: default: false - description: Option prevents Trivy from sending API requests to - identify dependencies. This option doesn’t affect DB download. - You need to specify "skip-update" as well as "offline-scan" - in an air-gapped environment. type: boolean replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -17996,8 +11216,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -18006,57 +11224,33 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string skipUpdate: default: false - description: The flag to enable or disable Trivy DB downloads - from GitHub type: boolean storage: properties: cachePersistentVolume: - description: CachePersistentVolume specify the persistent - volume used to store Trivy cache. If empty, empty dir will - be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object reportsPersistentVolume: - description: ReportsPersistentVolume specify the persistent - volume used to store Trivy reports. If empty, empty dir - will be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -18065,7 +11259,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -18073,43 +11266,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -18120,7 +11288,6 @@ spec: default: RollingUpdate type: string version: - description: The version of the harbor, eg 2.1.2 pattern: '[0-9]+\.[0-9]+\.[0-9]+' type: string required: @@ -18133,28 +11300,17 @@ spec: - version type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -18165,8 +11321,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -18179,7 +11333,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -18196,11 +11349,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 - creationTimestamp: null name: harborserverconfigurations.goharbor.io spec: group: goharbor.io @@ -18232,28 +11384,16 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: HarborServerConfiguration is the Schema for the harborserverconfigurations - API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: HarborServerConfigurationSpec defines the desired state of - HarborServerConfiguration. properties: accessCredential: - description: AccessCredential is a namespaced credential to keep the - access key and secret for the harbor server configuration. properties: accessSecretRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' @@ -18266,44 +11406,19 @@ spec: - namespace type: object default: - description: Default indicates the harbor configuration manages namespaces. - Value in goharbor.io/harbor annotation will be considered with high - priority. At most, one HarborServerConfiguration can be the default, - multiple defaults will be rejected. type: boolean insecure: - description: Indicate if the Harbor server is an insecure registry type: boolean namespaceSelector: - description: "NamespaceSelector decides whether to apply the HSC on - a namespace based on whether the namespace matches the selector. - See https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - for more examples of label selectors. \n Default to the empty LabelSelector, - which matches everything." properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. properties: key: - description: key is the label key that the selector applies - to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. items: type: string type: array @@ -18315,17 +11430,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. type: object type: object x-kubernetes-map-type: atomic rules: - description: Rules configures the container image rewrite rules for - transparent proxy caching with Harbor. items: type: string type: array @@ -18333,7 +11441,6 @@ spec: pattern: (?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$|^https?://(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)+([A-Za-z]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9]) type: string version: - description: The version of the Harbor server pattern: (0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))? type: string required: @@ -18342,16 +11449,12 @@ spec: - version type: object status: - description: HarborConfigurationStatus defines the status of HarborServerConfiguration. properties: message: - description: Message provides human-readable message. type: string reason: - description: Reason represents status reason. type: string status: - description: Status represents harbor configuration status. type: string type: object type: object @@ -18365,7 +11468,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 @@ -18409,22 +11512,14 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: JobService is the Schema for the JobService API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: JobServiceSpec defines the desired state of JobService. properties: certificateRefs: items: @@ -18443,10 +11538,8 @@ spec: - url type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -18454,12 +11547,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -18474,13 +11563,11 @@ spec: sizeLimit: 100Mi stdout: level: INFO - description: Job logger configurations properties: database: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -18497,7 +11584,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -18509,240 +11595,105 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string volume: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure - managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a - secret object containing parameters used to connect - to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the ConfigMap, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -18750,150 +11701,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is passed - to the associated CSI driver which will determine - the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if no - secret is required. If the secret object contains - more than one secret, all secret references are - passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing the - pod field properties: fieldRef: - description: 'Required: Selects a field of - the pod: only annotations, labels, name - and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of - the relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -18905,129 +11772,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The - size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that - the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the volume - is only needed while the pod runs, b) features of - normal volumes like restoring from snapshot or capacity - tracking are needed, c) the storage driver is specified - through a storage class, and d) the storage driver - supports dynamic volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information on - the connection between this volume type and PersistentVolumeClaim). - \n Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the - lifecycle of an individual pod. \n Use CSI for light-weight - local ephemeral volumes if the CSI driver is meant - to be used that way - see the documentation of the - driver for more information. \n A pod can use both - types of ephemeral volumes and persistent volumes - at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will be - the owner of the PVC, i.e. the PVC will be deleted - together with the pod. The name of the PVC will - be `-` where `` - is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too - long). \n An existing PVC with that name that - is not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume by - mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created - PVC is meant to be used by the pod, the PVC has - to updated with an owner reference to the pod - once the pod exists. Normally this should not - be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on the - contents of the specified data source. - When the AnyVolumeDataSource feature gate - is enabled, dataSource contents will be - copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource - when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -19035,103 +11808,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if the - type of the specified object matches some - installed volume populator or dynamic - provisioner. This field will replace the - functionality of the dataSource field - and as such if both fields are non-empty, - they must have the same value. For backwards - compatibility, when namespace isn''t specified - in dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to the - same value automatically if one of them - is empty and the other is non-empty. When - namespace is specified in dataSourceRef, - dataSource isn''t set to the same value - and must be empty. There are three important - differences between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates an - error if a disallowed value is specified. - * While dataSource only allows local objects, - dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation for - details. (Alpha) This field requires - the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are - lower than previous value but must still - be higher than capacity recorded in the - status field of the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -19147,9 +11842,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -19158,49 +11850,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted for - a container, it defaults to Limits - if that is explicitly specified, otherwise - to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. items: type: string type: array @@ -19212,31 +11873,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -19244,81 +11888,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and then - exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver to - use for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. - If the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -19326,198 +11927,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at - a particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an - EmptyDir into an InitContainer that clones the repo - using git, then mount the EmptyDir into the Pod''s - container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git - repository. Otherwise, if specified, the volume - will contain the git repository in the subdirectory - with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used for - system agents or other privileged things that are - allowed to see the host machine. Most containers will - NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount host - directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the link - to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically TCP - ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -19525,155 +12016,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path - are not affected by this setting. This might be - in conflict with other options that affect the - file mode, like fsGroup, and the result can be - other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the ConfigMap, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -19681,100 +12082,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, - JSON requires decimal values for - mode bits. If not specified, the - volume defaultMode will be used. - This might be in conflict with - other options that affect the - file mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not - start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu and - requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -19786,54 +12129,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the Secret, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -19841,48 +12146,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended - audience of the token. A recipient of - a token must identify itself with an - identifier specified in the audience - of the token, and otherwise should reject - the token. The audience defaults to - the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of the - service account token. As the token - approaches expiration, the kubelet volume - plugin will proactively rotate the service - account token. The kubelet will start - trying to rotate the token if the token - is older than 80 percent of its time - to live or if the token is older than - 24 hours.Defaults to 1 hour and must - be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to project - the token into. type: string required: - path @@ -19891,160 +12167,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -20052,61 +12244,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the Secret, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -20114,81 +12264,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter integration. - Set VolumeName to any name to override the default - behaviour. Set to "default" if you are not using - namespaces within StorageOS. Namespaces that do - not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -20201,7 +12306,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -20215,13 +12319,11 @@ spec: default: stdout: level: INFO - description: Logger configurations properties: database: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -20238,7 +12340,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -20250,240 +12351,105 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string volume: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure - managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a - secret object containing parameters used to connect - to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the ConfigMap, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -20491,150 +12457,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is passed - to the associated CSI driver which will determine - the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if no - secret is required. If the secret object contains - more than one secret, all secret references are - passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing the - pod field properties: fieldRef: - description: 'Required: Selects a field of - the pod: only annotations, labels, name - and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of - the relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -20646,129 +12528,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The - size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that - the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the volume - is only needed while the pod runs, b) features of - normal volumes like restoring from snapshot or capacity - tracking are needed, c) the storage driver is specified - through a storage class, and d) the storage driver - supports dynamic volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information on - the connection between this volume type and PersistentVolumeClaim). - \n Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the - lifecycle of an individual pod. \n Use CSI for light-weight - local ephemeral volumes if the CSI driver is meant - to be used that way - see the documentation of the - driver for more information. \n A pod can use both - types of ephemeral volumes and persistent volumes - at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will be - the owner of the PVC, i.e. the PVC will be deleted - together with the pod. The name of the PVC will - be `-` where `` - is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too - long). \n An existing PVC with that name that - is not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume by - mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created - PVC is meant to be used by the pod, the PVC has - to updated with an owner reference to the pod - once the pod exists. Normally this should not - be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on the - contents of the specified data source. - When the AnyVolumeDataSource feature gate - is enabled, dataSource contents will be - copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource - when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -20776,103 +12564,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if the - type of the specified object matches some - installed volume populator or dynamic - provisioner. This field will replace the - functionality of the dataSource field - and as such if both fields are non-empty, - they must have the same value. For backwards - compatibility, when namespace isn''t specified - in dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to the - same value automatically if one of them - is empty and the other is non-empty. When - namespace is specified in dataSourceRef, - dataSource isn''t set to the same value - and must be empty. There are three important - differences between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates an - error if a disallowed value is specified. - * While dataSource only allows local objects, - dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation for - details. (Alpha) This field requires - the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are - lower than previous value but must still - be higher than capacity recorded in the - status field of the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -20888,9 +12598,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -20899,49 +12606,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted for - a container, it defaults to Limits - if that is explicitly specified, otherwise - to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. items: type: string type: array @@ -20953,31 +12629,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -20985,81 +12644,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and then - exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver to - use for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. - If the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -21067,198 +12683,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at - a particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an - EmptyDir into an InitContainer that clones the repo - using git, then mount the EmptyDir into the Pod''s - container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git - repository. Otherwise, if specified, the volume - will contain the git repository in the subdirectory - with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used for - system agents or other privileged things that are - allowed to see the host machine. Most containers will - NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount host - directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the link - to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically TCP - ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -21266,155 +12772,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path - are not affected by this setting. This might be - in conflict with other options that affect the - file mode, like fsGroup, and the result can be - other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the ConfigMap, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -21422,100 +12838,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, - JSON requires decimal values for - mode bits. If not specified, the - volume defaultMode will be used. - This might be in conflict with - other options that affect the - file mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not - start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu and - requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -21527,54 +12885,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the Secret, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -21582,48 +12902,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended - audience of the token. A recipient of - a token must identify itself with an - identifier specified in the audience - of the token, and otherwise should reject - the token. The audience defaults to - the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of the - service account token. As the token - approaches expiration, the kubelet volume - plugin will proactively rotate the service - account token. The kubelet will start - trying to rotate the token if the token - is older than 80 percent of its time - to live or if the token is older than - 24 hours.Defaults to 1 hour and must - be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to project - the token into. type: string required: - path @@ -21632,160 +12923,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -21793,61 +13000,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the Secret, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -21855,81 +13020,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter integration. - Set VolumeName to any name to override the default - behaviour. Set to "default" if you are not using - namespaces within StorageOS. Namespaces that do - not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -21942,7 +13062,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -21955,9 +13074,6 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object proxy: properties: @@ -22002,28 +13118,15 @@ spec: - url type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -22039,8 +13142,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -22049,23 +13150,16 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object secretRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -22087,47 +13181,22 @@ spec: - url type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array workerPool: - description: Configurations of worker pool properties: backend: default: redis @@ -22136,54 +13205,40 @@ spec: minLength: 1 type: string redisPool: - description: RedisPoolConfig keeps redis worker info. properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string idleTimeout: default: 30s - description: IdleTimeoutSecond closes connections after remaining - idle for this duration. If the value is zero, then idle - connections are not closed. Applications should set the - timeout to a value less than the server's timeout. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string namespace: type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host type: object workers: default: 10 - description: Worker concurrency format: int32 minimum: 1 type: integer @@ -22196,28 +13251,17 @@ spec: - workerPool type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -22228,8 +13272,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -22242,7 +13284,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -22271,22 +13312,14 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: JobService is the Schema for the JobService API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: JobServiceSpec defines the desired state of JobService. properties: certificateRefs: items: @@ -22305,10 +13338,8 @@ spec: - url type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -22316,12 +13347,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -22336,13 +13363,11 @@ spec: sizeLimit: 100Mi stdout: level: INFO - description: Job logger configurations properties: database: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -22359,7 +13384,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -22371,240 +13395,105 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string volume: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure - managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a - secret object containing parameters used to connect - to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the ConfigMap, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -22612,150 +13501,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is passed - to the associated CSI driver which will determine - the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if no - secret is required. If the secret object contains - more than one secret, all secret references are - passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing the - pod field properties: fieldRef: - description: 'Required: Selects a field of - the pod: only annotations, labels, name - and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of - the relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -22767,129 +13572,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The - size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that - the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the volume - is only needed while the pod runs, b) features of - normal volumes like restoring from snapshot or capacity - tracking are needed, c) the storage driver is specified - through a storage class, and d) the storage driver - supports dynamic volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information on - the connection between this volume type and PersistentVolumeClaim). - \n Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the - lifecycle of an individual pod. \n Use CSI for light-weight - local ephemeral volumes if the CSI driver is meant - to be used that way - see the documentation of the - driver for more information. \n A pod can use both - types of ephemeral volumes and persistent volumes - at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will be - the owner of the PVC, i.e. the PVC will be deleted - together with the pod. The name of the PVC will - be `-` where `` - is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too - long). \n An existing PVC with that name that - is not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume by - mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created - PVC is meant to be used by the pod, the PVC has - to updated with an owner reference to the pod - once the pod exists. Normally this should not - be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on the - contents of the specified data source. - When the AnyVolumeDataSource feature gate - is enabled, dataSource contents will be - copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource - when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -22897,103 +13608,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if the - type of the specified object matches some - installed volume populator or dynamic - provisioner. This field will replace the - functionality of the dataSource field - and as such if both fields are non-empty, - they must have the same value. For backwards - compatibility, when namespace isn''t specified - in dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to the - same value automatically if one of them - is empty and the other is non-empty. When - namespace is specified in dataSourceRef, - dataSource isn''t set to the same value - and must be empty. There are three important - differences between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates an - error if a disallowed value is specified. - * While dataSource only allows local objects, - dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation for - details. (Alpha) This field requires - the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are - lower than previous value but must still - be higher than capacity recorded in the - status field of the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -23009,9 +13642,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -23020,49 +13650,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted for - a container, it defaults to Limits - if that is explicitly specified, otherwise - to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. items: type: string type: array @@ -23074,31 +13673,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -23106,81 +13688,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and then - exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver to - use for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. - If the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -23188,198 +13727,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at - a particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an - EmptyDir into an InitContainer that clones the repo - using git, then mount the EmptyDir into the Pod''s - container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git - repository. Otherwise, if specified, the volume - will contain the git repository in the subdirectory - with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used for - system agents or other privileged things that are - allowed to see the host machine. Most containers will - NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount host - directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the link - to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically TCP - ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -23387,155 +13816,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path - are not affected by this setting. This might be - in conflict with other options that affect the - file mode, like fsGroup, and the result can be - other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the ConfigMap, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -23543,100 +13882,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, - JSON requires decimal values for - mode bits. If not specified, the - volume defaultMode will be used. - This might be in conflict with - other options that affect the - file mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not - start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu and - requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -23648,54 +13929,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the Secret, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -23703,48 +13946,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended - audience of the token. A recipient of - a token must identify itself with an - identifier specified in the audience - of the token, and otherwise should reject - the token. The audience defaults to - the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of the - service account token. As the token - approaches expiration, the kubelet volume - plugin will proactively rotate the service - account token. The kubelet will start - trying to rotate the token if the token - is older than 80 percent of its time - to live or if the token is older than - 24 hours.Defaults to 1 hour and must - be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to project - the token into. type: string required: - path @@ -23753,160 +13967,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -23914,61 +14044,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the Secret, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -23976,81 +14064,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter integration. - Set VolumeName to any name to override the default - behaviour. Set to "default" if you are not using - namespaces within StorageOS. Namespaces that do - not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -24063,7 +14106,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -24077,13 +14119,11 @@ spec: default: stdout: level: INFO - description: Logger configurations properties: database: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -24100,7 +14140,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -24112,240 +14151,105 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string volume: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure - managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a - secret object containing parameters used to connect - to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the ConfigMap, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -24353,150 +14257,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is passed - to the associated CSI driver which will determine - the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if no - secret is required. If the secret object contains - more than one secret, all secret references are - passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing the - pod field properties: fieldRef: - description: 'Required: Selects a field of - the pod: only annotations, labels, name - and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of - the relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -24508,129 +14328,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The - size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that - the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the volume - is only needed while the pod runs, b) features of - normal volumes like restoring from snapshot or capacity - tracking are needed, c) the storage driver is specified - through a storage class, and d) the storage driver - supports dynamic volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information on - the connection between this volume type and PersistentVolumeClaim). - \n Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the - lifecycle of an individual pod. \n Use CSI for light-weight - local ephemeral volumes if the CSI driver is meant - to be used that way - see the documentation of the - driver for more information. \n A pod can use both - types of ephemeral volumes and persistent volumes - at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will be - the owner of the PVC, i.e. the PVC will be deleted - together with the pod. The name of the PVC will - be `-` where `` - is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too - long). \n An existing PVC with that name that - is not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume by - mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created - PVC is meant to be used by the pod, the PVC has - to updated with an owner reference to the pod - once the pod exists. Normally this should not - be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on the - contents of the specified data source. - When the AnyVolumeDataSource feature gate - is enabled, dataSource contents will be - copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource - when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -24638,103 +14364,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if the - type of the specified object matches some - installed volume populator or dynamic - provisioner. This field will replace the - functionality of the dataSource field - and as such if both fields are non-empty, - they must have the same value. For backwards - compatibility, when namespace isn''t specified - in dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to the - same value automatically if one of them - is empty and the other is non-empty. When - namespace is specified in dataSourceRef, - dataSource isn''t set to the same value - and must be empty. There are three important - differences between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates an - error if a disallowed value is specified. - * While dataSource only allows local objects, - dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation for - details. (Alpha) This field requires - the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are - lower than previous value but must still - be higher than capacity recorded in the - status field of the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -24750,9 +14398,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -24761,49 +14406,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted for - a container, it defaults to Limits - if that is explicitly specified, otherwise - to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. items: type: string type: array @@ -24815,31 +14429,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -24847,81 +14444,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and then - exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver to - use for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. - If the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -24929,198 +14483,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at - a particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an - EmptyDir into an InitContainer that clones the repo - using git, then mount the EmptyDir into the Pod''s - container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git - repository. Otherwise, if specified, the volume - will contain the git repository in the subdirectory - with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used for - system agents or other privileged things that are - allowed to see the host machine. Most containers will - NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount host - directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the link - to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically TCP - ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -25128,155 +14572,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path - are not affected by this setting. This might be - in conflict with other options that affect the - file mode, like fsGroup, and the result can be - other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the ConfigMap, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -25284,100 +14638,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, - JSON requires decimal values for - mode bits. If not specified, the - volume defaultMode will be used. - This might be in conflict with - other options that affect the - file mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not - start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu and - requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -25389,54 +14685,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the Secret, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -25444,48 +14702,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended - audience of the token. A recipient of - a token must identify itself with an - identifier specified in the audience - of the token, and otherwise should reject - the token. The audience defaults to - the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of the - service account token. As the token - approaches expiration, the kubelet volume - plugin will proactively rotate the service - account token. The kubelet will start - trying to rotate the token if the token - is older than 80 percent of its time - to live or if the token is older than - 24 hours.Defaults to 1 hour and must - be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to project - the token into. type: string required: - path @@ -25494,160 +14723,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -25655,61 +14800,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the Secret, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -25717,81 +14820,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter integration. - Set VolumeName to any name to override the default - behaviour. Set to "default" if you are not using - namespaces within StorageOS. Namespaces that do - not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -25804,7 +14862,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -25821,12 +14878,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -25835,18 +14890,12 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object proxy: properties: @@ -25891,28 +14940,15 @@ spec: - url type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -25928,8 +14964,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -25938,18 +14972,12 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object secretRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: @@ -25961,237 +14989,105 @@ spec: default: emptyDir: sizeLimit: 1Gi - description: Represents the source of a volume to mount. Only - one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in the - blob storage type: string fsType: - description: fsType is Filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure managed - data disk (only in managed availability set). defaults - to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is a - collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default is - /' type: string readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile is - the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to - OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -26199,146 +15095,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the - associated CSI driver which will determine the default - filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all - secret references are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal - value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of the - relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -26350,126 +15166,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default is - "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The size - limit is also applicable for memory medium. The - maximum usage on memory medium EmptyDir would be - the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle - is tied to the pod that defines it - it will be created - before the pod starts, and deleted when the pod is removed. - \n Use this if: a) the volume is only needed while the - pod runs, b) features of normal volumes like restoring - from snapshot or capacity tracking are needed, c) the - storage driver is specified through a storage class, - and d) the storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral volumes - if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. - \n A pod can use both types of ephemeral volumes and - persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which this - EphemeralVolumeSource is embedded will be the owner - of the PVC, i.e. the PVC will be deleted together - with the pod. The name of the PVC will be `-` where `` is the - name from the `PodSpec.Volumes` array entry. Pod - validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). - \n An existing PVC with that name that is not owned - by the pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting the - pod is then blocked until the unrelated PVC is removed. - If such a pre-created PVC is meant to be used by - the pod, the PVC has to updated with an owner reference - to the pod once the pod exists. Normally this should - not be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field is - read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource contents - will be copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource when - dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -26477,100 +15202,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume - binding will only succeed if the type of - the specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such if both - fields are non-empty, they must have the - same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other is - non-empty. When namespace is specified in - dataSourceRef, dataSource isn''t set to - the same value and must be empty. There - are three important differences between - dataSource and dataSourceRef: * While dataSource - only allows two specific types of objects, - dataSourceRef allows any non-core object, - as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves - all values, and generates an error if a - disallowed value is specified. * While dataSource - only allows local objects, dataSourceRef - allows objects in any namespaces. (Beta) - Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note that - when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. (Alpha) This - field requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are lower - than previous value but must still be higher - than capacity recorded in the status field - of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of - resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field is - used. It makes that resource available - inside a container. type: string required: - name @@ -26586,9 +15236,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -26597,47 +15244,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label key - that the selector applies to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -26649,29 +15267,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -26679,80 +15282,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. properties: driver: - description: driver is the name of the driver to use - for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. If - the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -26760,194 +15321,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset stored - as metadata -> name on the dataset for Flocker should - be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at a - particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an EmptyDir - into an InitContainer that clones the repo using git, - then mount the EmptyDir into the Pod''s container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the specified - revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly exposed - to the container. This is generally used for system - agents or other privileged things that are allowed to - see the host machine. Most containers will NOT need - this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' properties: path: - description: 'path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults to - "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal List. - The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). type: string required: - iqn @@ -26955,153 +15410,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to - set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. Directories within the path are not - affected by this setting. This might be in conflict - with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along - with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced ConfigMap will be projected - into the volume as a file whose name is - the key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or start - with '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -27109,97 +15476,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether the - ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the - downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a - field of the pod: only annotations, - labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified API - version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -27211,53 +15523,16 @@ spec: type: array type: object secret: - description: secret information about the secret - data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -27265,46 +15540,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The - kubelet will start trying to rotate the - token if the token is older than 80 percent - of its time to live or if the token is - older than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative to - the mount point of the file to project - the token into. type: string required: - path @@ -27313,159 +15561,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references an - already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the ScaleIO - API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret for - ScaleIO user and other sensitive information. If - this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage Pool - associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated - with this volume source. type: string required: - gateway @@ -27473,58 +15638,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the Secret, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -27532,81 +15658,36 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret - or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is - specified then the Pod's namespace will be used. This - allows the Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated with - the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -27619,7 +15700,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -27641,42 +15721,18 @@ spec: - url type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -27685,41 +15741,31 @@ spec: attributes: additionalProperties: type: string - description: A key value dict contains user defined attributes - used to initialize trace provider. type: object enabled: default: false - description: Enable tracing or not. type: boolean jaeger: properties: agent: properties: host: - description: The host of the jaeger agent. type: string port: - description: The port of the jaeger agent. type: integer type: object collector: properties: endpoint: - description: The endpoint of the jaeger collector. type: string passwordRef: - description: The password secret reference name of the - jaeger collector. type: string username: - description: The username of the jaeger collector. type: string required: - endpoint type: object mode: - description: 'The jaeger mode: ''collector'' or ''agent''.' enum: - collector - agent @@ -27728,43 +15774,31 @@ spec: - mode type: object namespace: - description: Namespace used to differentiate different harbor - services. type: string otel: properties: compression: - description: Whether enable compression or not for otel. type: boolean endpoint: - description: The endpoint of otel. type: string insecure: - description: Whether establish insecure connection or not - for otel. type: boolean timeout: default: 10s - description: The timeout of otel. type: string urlPath: - description: The URL path of otel. type: string required: - endpoint - urlPath type: object provider: - description: 'The tracing provider: ''jaeger'' or ''otel''.' enum: - jaeger - otel type: string sampleRate: default: 1 - description: Set `sampleRate` to 1 if you wanna sampling 100% - of trace data; set 0.5 if you wanna sampling 50% of trace data, - and so forth. type: integer required: - provider @@ -27773,7 +15807,6 @@ spec: default: RollingUpdate type: string workerPool: - description: Configurations of worker pool properties: backend: default: redis @@ -27782,54 +15815,40 @@ spec: minLength: 1 type: string redisPool: - description: RedisPoolConfig keeps redis worker info. properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string idleTimeout: default: 30s - description: IdleTimeoutSecond closes connections after remaining - idle for this duration. If the value is zero, then idle - connections are not closed. Applications should set the - timeout to a value less than the server's timeout. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string namespace: type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host type: object workers: default: 10 - description: Worker concurrency format: int32 minimum: 1 type: integer @@ -27842,28 +15861,17 @@ spec: - workerPool type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -27874,8 +15882,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -27888,7 +15894,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -27906,7 +15911,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 @@ -27950,22 +15955,14 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: NotaryServer is the Schema for the NotaryServer API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: NotaryServerSpec defines the desired state of NotaryServer. properties: authentication: properties: @@ -27993,10 +15990,8 @@ spec: - token type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -28004,12 +15999,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -28018,8 +16009,6 @@ spec: properties: level: default: info - description: NotaryLogLevel is the log level for NotaryServer - and NotarySigner. enum: - debug - info @@ -28034,33 +16023,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -28076,8 +16049,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -28086,42 +16057,24 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: postgres: properties: database: - description: The database name. Defaults to be the same as - the user name. In certain contexts, the value is checked - for extended formats. minLength: 1 type: string hosts: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the - name of the directory in which the socket file is - stored. minLength: 1 type: string port: - description: Port number to connect to at the server - host, or socket file name extension for Unix-domain - connections. Zero, specifies the default port number - established when PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -28134,17 +16087,11 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if - the server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults - to be the same as the operating system name of the user - running the application. minLength: 1 type: string type: object @@ -28154,7 +16101,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -28168,42 +16114,18 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -28237,28 +16159,17 @@ spec: - trustService type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -28269,8 +16180,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -28283,7 +16192,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -28312,22 +16220,14 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: NotaryServer is the Schema for the NotaryServer API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: NotaryServerSpec defines the desired state of NotaryServer. properties: authentication: properties: @@ -28355,10 +16255,8 @@ spec: - token type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -28366,12 +16264,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -28380,8 +16274,6 @@ spec: properties: level: default: info - description: NotaryLogLevel is the log level for NotaryServer - and NotarySigner. enum: - debug - info @@ -28397,42 +16289,23 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -28448,8 +16321,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -28458,42 +16329,24 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: postgres: properties: database: - description: The database name. Defaults to be the same as - the user name. In certain contexts, the value is checked - for extended formats. minLength: 1 type: string hosts: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the - name of the directory in which the socket file is - stored. minLength: 1 type: string port: - description: Port number to connect to at the server - host, or socket file name extension for Unix-domain - connections. Zero, specifies the default port number - established when PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -28506,17 +16359,11 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if - the server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults - to be the same as the operating system name of the user - running the application. minLength: 1 type: string type: object @@ -28526,7 +16373,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -28540,42 +16386,18 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -28609,28 +16431,17 @@ spec: - trustService type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -28641,8 +16452,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -28655,7 +16464,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -28673,7 +16481,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 @@ -28717,22 +16525,14 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: NotarySigner is the Schema for the NotarySigner API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: NotarySignerSpec defines the desired state of NotarySigner. properties: authentatication: properties: @@ -28743,10 +16543,8 @@ spec: - certificateRef type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -28754,12 +16552,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -28768,8 +16562,6 @@ spec: properties: level: default: info - description: NotaryLogLevel is the log level for NotaryServer - and NotarySigner. enum: - debug - info @@ -28784,33 +16576,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -28826,8 +16602,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -28836,15 +16610,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: @@ -28854,27 +16622,15 @@ spec: postgres: properties: database: - description: The database name. Defaults to be the same as - the user name. In certain contexts, the value is checked - for extended formats. minLength: 1 type: string hosts: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the - name of the directory in which the socket file is - stored. minLength: 1 type: string port: - description: Port number to connect to at the server - host, or socket file name extension for Unix-domain - connections. Zero, specifies the default port number - established when PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -28887,17 +16643,11 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if - the server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults - to be the same as the operating system name of the user - running the application. minLength: 1 type: string type: object @@ -28908,7 +16658,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -28916,42 +16665,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -28960,28 +16685,17 @@ spec: - storage type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -28992,8 +16706,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -29006,7 +16718,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -29035,22 +16746,14 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: NotarySigner is the Schema for the NotarySigner API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: NotarySignerSpec defines the desired state of NotarySigner. properties: authentatication: properties: @@ -29061,10 +16764,8 @@ spec: - certificateRef type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -29072,12 +16773,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -29086,8 +16783,6 @@ spec: properties: level: default: info - description: NotaryLogLevel is the log level for NotaryServer - and NotarySigner. enum: - debug - info @@ -29103,42 +16798,23 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -29154,8 +16830,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -29164,15 +16838,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: @@ -29182,27 +16850,15 @@ spec: postgres: properties: database: - description: The database name. Defaults to be the same as - the user name. In certain contexts, the value is checked - for extended formats. minLength: 1 type: string hosts: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the - name of the directory in which the socket file is - stored. minLength: 1 type: string port: - description: Port number to connect to at the server - host, or socket file name extension for Unix-domain - connections. Zero, specifies the default port number - established when PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -29215,17 +16871,11 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if - the server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults - to be the same as the operating system name of the user - running the application. minLength: 1 type: string type: object @@ -29236,7 +16886,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -29244,42 +16893,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -29288,28 +16913,17 @@ spec: - storage type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -29320,8 +16934,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -29334,7 +16946,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -29352,7 +16963,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 @@ -29396,28 +17007,18 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: Portal is the Schema for the portals API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: PortalSpec defines the desired state of Portal. properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -29425,53 +17026,31 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array maxConnections: default: 1024 - description: Sets the maximum number of simultaneous connections that - can be opened. format: int32 minimum: 0 type: integer nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -29487,8 +17066,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -29497,20 +17074,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -29524,69 +17094,34 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -29597,8 +17132,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -29611,7 +17144,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -29640,28 +17172,18 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: Portal is the Schema for the portals API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: PortalSpec defines the desired state of Portal. properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -29669,64 +17191,38 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array maxConnections: default: 1024 - description: Sets the maximum number of simultaneous connections that - can be opened. format: int32 minimum: 0 type: integer network: - description: Network settings for the portal properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -29742,8 +17238,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -29752,20 +17246,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -29779,69 +17266,34 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -29852,8 +17304,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -29866,7 +17316,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -29883,11 +17332,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 - creationTimestamp: null name: pullsecretbindings.goharbor.io spec: group: goharbor.io @@ -29918,36 +17366,22 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: PullSecretBinding is the Schema for the pullsecretbindings API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: PullSecretBindingSpec defines the desired state of PullSecretBinding. properties: harborServerConfig: - description: Indicate which harbor server configuration is referred type: string projectId: - description: ProjectID points to the project associated with the secret - binding type: string robotId: - description: RobotID points to the robot account id used for secret - binding type: string serviceAccount: - description: Indicate which service account binds the pull secret type: string required: - harborServerConfig @@ -29956,19 +17390,12 @@ spec: - serviceAccount type: object status: - description: PullSecretBindingStatus defines the observed state of PullSecretBinding. properties: message: - description: Message provides human-readable message. type: string reason: - description: Reason represents status reason. type: string status: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file Indicate the status of binding: `binding`, `bound` and - `unknown`' type: string required: - status @@ -42384,7 +29811,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 @@ -42428,22 +29855,14 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: Registry is the Schema for the registries API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: RegistrySpec defines the desired state of Registry. See https://docs.docker.com/registry/configuration/ properties: authentication: properties: @@ -42595,12 +30014,6 @@ spec: http: properties: debug: - description: Use debug option to configure a debug server that - can be helpful in diagnosing problems. The debug endpoint can - be used for monitoring registry metrics and health, as well - as profiling. Sensitive information may be available via the - debug endpoint. Please be certain that access to the debug endpoint - is locked down in a production environment. properties: port: default: 5001 @@ -42619,8 +30032,6 @@ spec: type: object type: object drainTimeout: - description: Amount of time to wait for HTTP connections to drain - before shutting down after registry receives SIGTERM signal pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string headers: @@ -42631,26 +30042,10 @@ spec: default: X-Content-Type-Options: - nosniff - description: 'Use this option to specify headers that the HTTP - server should include in responses. This can be used for security - headers such as Strict-Transport-Security. The headers option - should contain an option for each header to include, where the - parameter name is the header’s name, and the parameter value - a list of the header’s payload values. Including X-Content-Type-Options: - [nosniff] is recommended, sothat browsers will not interpret - content as HTML if they are directed to load a page from the - registry. This header is included in the example configuration - file.' type: object host: - description: A fully-qualified URL for an externally-reachable - address for the registry. If present, it is used when creating - generated URLs. Otherwise, these URLs are derived from client - requests. type: string http2: - description: Use the http2 structure to control http2 settings - for the registry. properties: disabled: default: false @@ -42658,40 +30053,20 @@ spec: type: object net: default: tcp - description: The network used to create a listening socket. enum: - unix - tcp type: string prefix: - description: If the server does not run at the root path, set - this to the value of the prefix. The root path is the section - before v2. It requires both preceding and trailing slashes, - such as in the example /path/. pattern: (/(.+/)?)? type: string relativeURLs: default: true - description: If true, the registry returns relative URLs in Location - headers. The client is responsible for resolving the correct - URL. This option is not compatible with Docker 1.7 and earlier. type: boolean secretRef: - description: The secret name containing a random piece of data - used to sign state that may be stored with the client to protect - against tampering. For production environments you should generate - a random piece of data using a cryptographically secure random - generator. If you omit the secret, the registry will automatically - generate a secret when it starts. If you are building a cluster - of registries behind a load balancer, you MUST ensure the secret - is the same for all registries. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tls: - description: Use this to configure TLS for the server. If you - already have a web server running on the same host as the registry, - you may prefer to configure TLS on that web server and proxy - connections to the registry server. properties: certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' @@ -42699,10 +30074,8 @@ spec: type: object type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -42710,12 +30083,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -42737,7 +30106,6 @@ spec: type: object formatter: default: text - description: RegistryLogFormatter is the log formatter for Registry. enum: - text - json @@ -42763,7 +30131,6 @@ spec: type: array level: default: info - description: RegistryLogLevel is the log level for Registry. enum: - debug - info @@ -42813,15 +30180,11 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object notifications: + default: {} properties: endpoints: - description: The endpoints structure contains a list of named - services (URLs) that can accept event notifications. items: properties: backoff: @@ -42830,8 +30193,6 @@ spec: type: string disabled: default: false - description: If true, notifications are disabled for the - service. type: boolean headers: additionalProperties: @@ -42855,7 +30216,6 @@ spec: type: string type: array name: - description: A human-readable name for the service. type: string threshold: default: 3 @@ -42864,14 +30224,9 @@ spec: type: integer timeout: default: 5s - description: A value for the HTTP timeout. A positive integer - and an optional suffix indicating the unit of time, which - may be ns, us, ms, s, m, or h. If you omit the unit of - time, ns is used. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string url: - description: The URL to which events should be published. pattern: https?://.+ type: string required: @@ -42880,6 +30235,7 @@ spec: type: object type: array events: + default: {} properties: includeReferences: default: true @@ -42907,13 +30263,10 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 @@ -42922,12 +30275,9 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string pool: @@ -42948,7 +30298,6 @@ spec: type: integer type: object port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 @@ -42957,7 +30306,6 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string sentinelMasterSet: - description: for Sentinel MasterSet. type: string writeTimeout: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? @@ -42966,9 +30314,6 @@ spec: - host type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer @@ -42977,21 +30322,11 @@ spec: type: string type: object resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -43007,8 +30342,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -43017,15 +30350,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: @@ -43046,9 +30373,6 @@ spec: driver: properties: filesystem: - description: 'FileSystem is an implementation of the storagedriver.StorageDriver - interface which uses the local filesystem. The local filesystem - can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/' properties: maxthreads: default: 100 @@ -43058,247 +30382,105 @@ spec: prefix: type: string volumeSource: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching - mode: None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data - disk in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: - multiple blob disks per storage account Dedicated: - single blob disk per storage account Managed: - azure managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret - that contains Azure Storage Account Name and - Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on - the host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is - /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef - is reference to the authentication secret for - User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: - https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to - a secret object containing parameters used to - connect to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that - should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -43306,156 +30488,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which will - determine the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if - no secret is required. If the secret object - contains more than one secret, all secret references - are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, - defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' - path. Must be utf-8 encoded. The first - item of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults - to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to - select' type: string required: - resource @@ -43467,132 +30559,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default - medium. Must be an empty string (default) or - Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of - local storage required for this EmptyDir volume. - The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir - would be the minimum value between the SizeLimit - specified here and the sum of memory limits - of all containers in a pod. The default is nil - which means that the limit is undefined. More - info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the - volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or - capacity tracking are needed, c) the storage driver - is specified through a storage class, and d) the - storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that - way - see the documentation of the driver for more - information. \n A pod can use both types of ephemeral - volumes and persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will - be the owner of the PVC, i.e. the PVC will be - deleted together with the pod. The name of - the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the - pod if the concatenated name is not valid for - a PVC (for example, too long). \n An existing - PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting - the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has to - updated with an owner reference to the pod once - the pod exists. Normally this should not be - necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by - Kubernetes to the PVC after it has been created. - \n Required, must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will - be rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the - desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on - the contents of the specified data source. - When the AnyVolumeDataSource feature - gate is enabled, dataSource contents - will be copied to dataSourceRef, and - dataSourceRef contents will be copied - to dataSource when dataSourceRef.namespace - is not specified. If the namespace is - specified, then dataSourceRef will not - be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -43600,106 +30595,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate the - volume with data, if a non-empty volume - is desired. This may be any object from - a non-empty API group (non core object) - or a PersistentVolumeClaim object. When - this field is specified, volume binding - will only succeed if the type of the - specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such - if both fields are non-empty, they must - have the same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other - is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be empty. - There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores - disallowed values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is specified. - * While dataSource only allows local - objects, dataSourceRef allows objects - in any namespaces. (Beta) Using this - field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) - Using the namespace field of dataSourceRef - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the - minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but must - still be higher than capacity recorded - in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. - \n This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match - the name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -43715,9 +30629,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the - maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -43726,51 +30637,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted - for a container, it defaults to - Limits if that is explicitly specified, - otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query - over volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. items: type: string type: array @@ -43782,32 +30660,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the - name of the StorageClass required by - the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. - Value of Filesystem is implied when - not included in claim spec. type: string volumeName: - description: volumeName is the binding - reference to the PersistentVolume backing - this claim. type: string type: object required: @@ -43815,83 +30675,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and - then exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver - to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". The default filesystem depends on FlexVolume - script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field - holds extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -43899,201 +30714,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the - Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD - resource in GCE. Used to identify the disk in - GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo is - deprecated. To provision a container with a git - repo, mount an EmptyDir into an InitContainer that - clones the repo using git, then mount the EmptyDir - into the Pod''s container.' properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will be - the git repository. Otherwise, if specified, - the volume will contain the git repository in - the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used - for system agents or other privileged things that - are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount - host directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether - support iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified - Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for - iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -44101,159 +30803,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS - export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets - host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx - volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires - decimal values for mode bits. Directories within - the path are not affected by this setting. This - might be in conflict with other options that - affect the file mode, like fsGroup, and the - result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about - the configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the ConfigMap, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -44261,102 +30869,42 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be - defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile - represents information to create - the file containing the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is - written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML - accepts both octal and decimal - values, JSON requires decimal - values for mode bits. If not - specified, the volume defaultMode - will be used. This might be - in conflict with other options - that affect the file mode, like - fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. - Must be utf-8 encoded. The first - item of the relative path must - not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the - output format of the exposed - resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -44368,57 +30916,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the Secret, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -44426,50 +30933,19 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify - whether the Secret or its key must - be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to - project properties: audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself with - an identifier specified in the audience - of the token, and otherwise should - reject the token. The audience defaults - to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of - the service account token. As the - token approaches expiration, the kubelet - volume plugin will proactively rotate - the service account token. The kubelet - will start trying to rotate the token - if the token is older than 80 percent - of its time to live or if the token - is older than 24 hours.Defaults to - 1 hour and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to - project the token into. type: string required: - path @@ -44478,161 +30954,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on - the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Default is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured - storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage - system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -44640,62 +31031,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -44703,83 +31051,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to - use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override - the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will - be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage - Policy Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -44789,65 +31090,32 @@ spec: - volumeSource type: object inmemory: - description: 'InMemory storage driver is for purely tests - purposes. This driver is an implementation of the storagedriver.StorageDriver - interface which uses local memory for object storage. If - you would like to run a registry from volatile memory, use - the filesystem driver on a ramdisk. IMPORTANT: This storage - driver does not persist data across runs. This is why it - is only suitable for testing. Never use this driver in production. - See: https://docs.docker.com/registry/storage-drivers/inmemory/' type: object s3: - description: 'An implementation of the storagedriver.StorageDriver - interface which uses Amazon S3 or S3 compatible services - for object storage. See: https://docs.docker.com/registry/storage-drivers/s3/' properties: accesskey: - description: The AWS Access Key. If you use IAM roles, - omit to fetch temporary credentials from IAM. type: string bucket: - description: The bucket name in which you want to store - the registry’s data. type: string certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string chunksize: - description: The S3 API requires multipart upload chunks - to be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the - image in encrypted format or not. A boolean value. type: boolean keyid: - description: KMS key ID to use for encryption (encrypt - must be true, or this parameter is ignored). type: string region: - description: The AWS region in which your bucket exists. - For the moment, the Go AWS library in use does not use - the newer DNS based bucket routing. For a list of regions, - see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html type: string regionendpoint: - description: Endpoint for S3 compatible storage services - (Minio, etc). type: string rootdirectory: - description: This is a prefix that is applied to all S3 - keys to allow you to segment data in your bucket if - necessary. type: string secretkeyRef: - description: Reference to the secret containing the AWS - Secret Key. If you use IAM roles, omit to fetch temporary - credentials from IAM. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string secure: @@ -44855,65 +31123,37 @@ spec: type: boolean skipverify: default: false - description: Skips TLS verification when the value is - set to true. type: boolean storageclass: default: STANDARD - description: The S3 storage class applied to each registry - file. type: string v4auth: default: true - description: Indicates whether the registry uses Version - 4 of AWS’s authentication. type: boolean required: - bucket - region type: object swift: - description: 'An implementation of the storagedriver.StorageDriver - interface that uses OpenStack Swift for object storage. - See: https://docs.docker.com/registry/storage-drivers/swift/' properties: accesskey: - description: The access key to generate temporary URLs. - It is used by HP Cloud Object Storage in addition to - the secretkey parameter. type: string authurl: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string authversion: - description: Specify the OpenStack Auth’s version, for - example 3. By default the driver autodetects the auth’s - version from the authurl. type: string chunksize: - description: Size of the data segments for the Swift Dynamic - Large Objects. This value should be a number. format: int64 minimum: 5242880 type: integer container: - description: The name of your Swift container where you - wish to store the registry’s data. The driver creates - the named container during its initialization. type: string domain: - description: Your Openstack domain name for Identity v3 - API. You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 - API. You can either use domain or domainid. type: string endpointtype: default: public - description: The endpoint type used when connecting to - swift. enum: - public - internal @@ -44921,40 +31161,24 @@ spec: type: string insecureskipverify: default: false - description: Skips TLS verification if the value is set - to true. type: boolean passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: This is a prefix that is applied to all Swift - keys to allow you to segment data in your container - if necessary. Defaults to the container’s root. type: string region: - description: The Openstack region in which your container - exists. type: string secretkeyRef: - description: The secret key used to generate temporary - URLs. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tenant: - description: Your Openstack tenant name. You can either - use tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either - use tenant or tenantid. type: string trustid: - description: Your Openstack trust ID for Identity v3 API. type: string username: - description: The Openstack user name. type: string required: - authurl @@ -44999,7 +31223,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -45007,42 +31230,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -45069,28 +31268,17 @@ spec: - storage type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -45101,8 +31289,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -45115,7 +31301,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -45146,22 +31331,14 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: Registry is the Schema for the registries API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: RegistrySpec defines the desired state of Registry. See https://docs.docker.com/registry/configuration/ properties: authentication: properties: @@ -45313,12 +31490,6 @@ spec: http: properties: debug: - description: Use debug option to configure a debug server that - can be helpful in diagnosing problems. The debug endpoint can - be used for monitoring registry metrics and health, as well - as profiling. Sensitive information may be available via the - debug endpoint. Please be certain that access to the debug endpoint - is locked down in a production environment. properties: port: default: 5001 @@ -45337,8 +31508,6 @@ spec: type: object type: object drainTimeout: - description: Amount of time to wait for HTTP connections to drain - before shutting down after registry receives SIGTERM signal pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string headers: @@ -45349,26 +31518,10 @@ spec: default: X-Content-Type-Options: - nosniff - description: 'Use this option to specify headers that the HTTP - server should include in responses. This can be used for security - headers such as Strict-Transport-Security. The headers option - should contain an option for each header to include, where the - parameter name is the header’s name, and the parameter value - a list of the header’s payload values. Including X-Content-Type-Options: - [nosniff] is recommended, sothat browsers will not interpret - content as HTML if they are directed to load a page from the - registry. This header is included in the example configuration - file.' type: object host: - description: A fully-qualified URL for an externally-reachable - address for the registry. If present, it is used when creating - generated URLs. Otherwise, these URLs are derived from client - requests. type: string http2: - description: Use the http2 structure to control http2 settings - for the registry. properties: disabled: default: false @@ -45376,40 +31529,20 @@ spec: type: object net: default: tcp - description: The network used to create a listening socket. enum: - unix - tcp type: string prefix: - description: If the server does not run at the root path, set - this to the value of the prefix. The root path is the section - before v2. It requires both preceding and trailing slashes, - such as in the example /path/. pattern: (/(.+/)?)? type: string relativeURLs: default: true - description: If true, the registry returns relative URLs in Location - headers. The client is responsible for resolving the correct - URL. This option is not compatible with Docker 1.7 and earlier. type: boolean secretRef: - description: The secret name containing a random piece of data - used to sign state that may be stored with the client to protect - against tampering. For production environments you should generate - a random piece of data using a cryptographically secure random - generator. If you omit the secret, the registry will automatically - generate a secret when it starts. If you are building a cluster - of registries behind a load balancer, you MUST ensure the secret - is the same for all registries. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tls: - description: Use this to configure TLS for the server. If you - already have a web server running on the same host as the registry, - you may prefer to configure TLS on that web server and proxy - connections to the registry server. properties: certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' @@ -45417,10 +31550,8 @@ spec: type: object type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -45428,12 +31559,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -45455,7 +31582,6 @@ spec: type: object formatter: default: text - description: RegistryLogFormatter is the log formatter for Registry. enum: - text - json @@ -45481,7 +31607,6 @@ spec: type: array level: default: info - description: RegistryLogLevel is the log level for Registry. enum: - debug - info @@ -45532,24 +31657,17 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object notifications: + default: {} properties: endpoints: - description: The endpoints structure contains a list of named - services (URLs) that can accept event notifications. items: properties: backoff: @@ -45558,8 +31676,6 @@ spec: type: string disabled: default: false - description: If true, notifications are disabled for the - service. type: boolean headers: additionalProperties: @@ -45583,7 +31699,6 @@ spec: type: string type: array name: - description: A human-readable name for the service. type: string threshold: default: 3 @@ -45592,14 +31707,9 @@ spec: type: integer timeout: default: 5s - description: A value for the HTTP timeout. A positive integer - and an optional suffix indicating the unit of time, which - may be ns, us, ms, s, m, or h. If you omit the unit of - time, ns is used. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string url: - description: The URL to which events should be published. pattern: https?://.+ type: string required: @@ -45608,6 +31718,7 @@ spec: type: object type: array events: + default: {} properties: includeReferences: default: true @@ -45635,13 +31746,10 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 @@ -45650,12 +31758,9 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string pool: @@ -45676,7 +31781,6 @@ spec: type: integer type: object port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 @@ -45685,7 +31789,6 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string sentinelMasterSet: - description: for Sentinel MasterSet. type: string writeTimeout: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? @@ -45694,9 +31797,6 @@ spec: - host type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer @@ -45705,21 +31805,11 @@ spec: type: string type: object resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -45735,8 +31825,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -45745,15 +31833,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: @@ -45774,9 +31856,6 @@ spec: driver: properties: azure: - description: 'An implementation of the storagedriver.StorageDriver - interface which uses Microsoft Azure Blob Storage for object - storage. See: https://docs.docker.com/registry/storage-drivers/azure/' properties: accountkeyRef: type: string @@ -45792,9 +31871,6 @@ spec: type: string type: object filesystem: - description: 'FileSystem is an implementation of the storagedriver.StorageDriver - interface which uses the local filesystem. The local filesystem - can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/' properties: maxthreads: default: 100 @@ -45804,247 +31880,105 @@ spec: prefix: type: string volumeSource: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching - mode: None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data - disk in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: - multiple blob disks per storage account Dedicated: - single blob disk per storage account Managed: - azure managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret - that contains Azure Storage Account Name and - Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on - the host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is - /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef - is reference to the authentication secret for - User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: - https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to - a secret object containing parameters used to - connect to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that - should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -46052,156 +31986,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which will - determine the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if - no secret is required. If the secret object - contains more than one secret, all secret references - are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, - defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' - path. Must be utf-8 encoded. The first - item of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults - to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to - select' type: string required: - resource @@ -46213,132 +32057,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default - medium. Must be an empty string (default) or - Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of - local storage required for this EmptyDir volume. - The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir - would be the minimum value between the SizeLimit - specified here and the sum of memory limits - of all containers in a pod. The default is nil - which means that the limit is undefined. More - info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the - volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or - capacity tracking are needed, c) the storage driver - is specified through a storage class, and d) the - storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that - way - see the documentation of the driver for more - information. \n A pod can use both types of ephemeral - volumes and persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will - be the owner of the PVC, i.e. the PVC will be - deleted together with the pod. The name of - the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the - pod if the concatenated name is not valid for - a PVC (for example, too long). \n An existing - PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting - the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has to - updated with an owner reference to the pod once - the pod exists. Normally this should not be - necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by - Kubernetes to the PVC after it has been created. - \n Required, must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will - be rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the - desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on - the contents of the specified data source. - When the AnyVolumeDataSource feature - gate is enabled, dataSource contents - will be copied to dataSourceRef, and - dataSourceRef contents will be copied - to dataSource when dataSourceRef.namespace - is not specified. If the namespace is - specified, then dataSourceRef will not - be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -46346,106 +32093,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate the - volume with data, if a non-empty volume - is desired. This may be any object from - a non-empty API group (non core object) - or a PersistentVolumeClaim object. When - this field is specified, volume binding - will only succeed if the type of the - specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such - if both fields are non-empty, they must - have the same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other - is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be empty. - There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores - disallowed values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is specified. - * While dataSource only allows local - objects, dataSourceRef allows objects - in any namespaces. (Beta) Using this - field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) - Using the namespace field of dataSourceRef - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the - minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but must - still be higher than capacity recorded - in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. - \n This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match - the name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -46461,9 +32127,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the - maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -46472,51 +32135,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted - for a container, it defaults to - Limits if that is explicitly specified, - otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query - over volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. items: type: string type: array @@ -46528,32 +32158,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the - name of the StorageClass required by - the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. - Value of Filesystem is implied when - not included in claim spec. type: string volumeName: - description: volumeName is the binding - reference to the PersistentVolume backing - this claim. type: string type: object required: @@ -46561,83 +32173,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and - then exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver - to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". The default filesystem depends on FlexVolume - script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field - holds extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -46645,201 +32212,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the - Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD - resource in GCE. Used to identify the disk in - GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo is - deprecated. To provision a container with a git - repo, mount an EmptyDir into an InitContainer that - clones the repo using git, then mount the EmptyDir - into the Pod''s container.' properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will be - the git repository. Otherwise, if specified, - the volume will contain the git repository in - the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used - for system agents or other privileged things that - are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount - host directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether - support iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified - Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for - iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -46847,159 +32301,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS - export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets - host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx - volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires - decimal values for mode bits. Directories within - the path are not affected by this setting. This - might be in conflict with other options that - affect the file mode, like fsGroup, and the - result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about - the configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the ConfigMap, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -47007,102 +32367,42 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be - defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile - represents information to create - the file containing the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is - written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML - accepts both octal and decimal - values, JSON requires decimal - values for mode bits. If not - specified, the volume defaultMode - will be used. This might be - in conflict with other options - that affect the file mode, like - fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. - Must be utf-8 encoded. The first - item of the relative path must - not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the - output format of the exposed - resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -47114,57 +32414,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the Secret, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -47172,50 +32431,19 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify - whether the Secret or its key must - be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to - project properties: audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself with - an identifier specified in the audience - of the token, and otherwise should - reject the token. The audience defaults - to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of - the service account token. As the - token approaches expiration, the kubelet - volume plugin will proactively rotate - the service account token. The kubelet - will start trying to rotate the token - if the token is older than 80 percent - of its time to live or if the token - is older than 24 hours.Defaults to - 1 hour and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to - project the token into. type: string required: - path @@ -47224,161 +32452,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on - the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Default is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured - storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage - system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -47386,62 +32529,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -47449,83 +32549,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to - use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override - the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will - be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage - Policy Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -47535,34 +32588,19 @@ spec: - volumeSource type: object gcs: - description: An implementation of the storagedriver.StorageDriver - interface which uses Google Cloud for object storage. https://docs.docker.com/registry/storage-drivers/gcs/ properties: bucket: - description: bucket to store charts for Gcs storage type: string chunkSize: type: string keyDataRef: - description: The base64 encoded json file which contains - the key type: string pathPrefix: type: string type: object inmemory: - description: 'InMemory storage driver is for purely tests - purposes. This driver is an implementation of the storagedriver.StorageDriver - interface which uses local memory for object storage. If - you would like to run a registry from volatile memory, use - the filesystem driver on a ramdisk. IMPORTANT: This storage - driver does not persist data across runs. This is why it - is only suitable for testing. Never use this driver in production. - See: https://docs.docker.com/registry/storage-drivers/inmemory/' type: object oss: - description: An implementation of the storagedriver.StorageDriver - interface which uses Alibaba Cloud for object storage. https://docs.docker.com/registry/storage-drivers/oss/ properties: accessKeyID: type: string @@ -47571,15 +32609,11 @@ spec: bucket: type: string chunksize: - description: The Oss API requires multipart upload chunks - to be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the - image in encrypted format or not. A boolean value. type: boolean endpoint: type: string @@ -47601,35 +32635,22 @@ spec: - region type: object s3: - description: 'An implementation of the storagedriver.StorageDriver - interface which uses Amazon S3 or S3 compatible services - for object storage. See: https://docs.docker.com/registry/storage-drivers/s3/' properties: accesskey: - description: The AWS Access Key. If you use IAM roles, - omit to fetch temporary credentials from IAM. type: string bucket: - description: The bucket name in which you want to store - the registry’s data. type: string certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string chunksize: - description: The S3 API requires multipart upload chunks - to be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the - image in encrypted format or not. A boolean value. type: boolean keyid: - description: KMS key ID to use for encryption (encrypt - must be true, or this parameter is ignored). type: string multipartcopychunksize: format: int64 @@ -47641,24 +32662,12 @@ spec: format: int64 type: integer region: - description: The AWS region in which your bucket exists. - For the moment, the Go AWS library in use does not use - the newer DNS based bucket routing. For a list of regions, - see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html type: string regionendpoint: - description: Endpoint for S3 compatible storage services - (Minio, etc). type: string rootdirectory: - description: This is a prefix that is applied to all S3 - keys to allow you to segment data in your bucket if - necessary. type: string secretkeyRef: - description: Reference to the secret containing the AWS - Secret Key. If you use IAM roles, omit to fetch temporary - credentials from IAM. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string secure: @@ -47666,65 +32675,37 @@ spec: type: boolean skipverify: default: false - description: Skips TLS verification when the value is - set to true. type: boolean storageclass: default: STANDARD - description: The S3 storage class applied to each registry - file. type: string v4auth: default: true - description: Indicates whether the registry uses Version - 4 of AWS’s authentication. type: boolean required: - bucket - region type: object swift: - description: 'An implementation of the storagedriver.StorageDriver - interface that uses OpenStack Swift for object storage. - See: https://docs.docker.com/registry/storage-drivers/swift/' properties: accesskey: - description: The access key to generate temporary URLs. - It is used by HP Cloud Object Storage in addition to - the secretkey parameter. type: string authurl: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string authversion: - description: Specify the OpenStack Auth’s version, for - example 3. By default the driver autodetects the auth’s - version from the authurl. type: string chunksize: - description: Size of the data segments for the Swift Dynamic - Large Objects. This value should be a number. format: int64 minimum: 5242880 type: integer container: - description: The name of your Swift container where you - wish to store the registry’s data. The driver creates - the named container during its initialization. type: string domain: - description: Your Openstack domain name for Identity v3 - API. You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 - API. You can either use domain or domainid. type: string endpointtype: default: public - description: The endpoint type used when connecting to - swift. enum: - public - internal @@ -47732,40 +32713,24 @@ spec: type: string insecureskipverify: default: false - description: Skips TLS verification if the value is set - to true. type: boolean passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: This is a prefix that is applied to all Swift - keys to allow you to segment data in your container - if necessary. Defaults to the container’s root. type: string region: - description: The Openstack region in which your container - exists. type: string secretkeyRef: - description: The secret key used to generate temporary - URLs. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tenant: - description: Your Openstack tenant name. You can either - use tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either - use tenant or tenantid. type: string trustid: - description: Your Openstack trust ID for Identity v3 API. type: string username: - description: The Openstack user name. type: string required: - authurl @@ -47810,7 +32775,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -47818,42 +32782,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -47862,41 +32802,31 @@ spec: attributes: additionalProperties: type: string - description: A key value dict contains user defined attributes - used to initialize trace provider. type: object enabled: default: false - description: Enable tracing or not. type: boolean jaeger: properties: agent: properties: host: - description: The host of the jaeger agent. type: string port: - description: The port of the jaeger agent. type: integer type: object collector: properties: endpoint: - description: The endpoint of the jaeger collector. type: string passwordRef: - description: The password secret reference name of the - jaeger collector. type: string username: - description: The username of the jaeger collector. type: string required: - endpoint type: object mode: - description: 'The jaeger mode: ''collector'' or ''agent''.' enum: - collector - agent @@ -47905,43 +32835,31 @@ spec: - mode type: object namespace: - description: Namespace used to differentiate different harbor - services. type: string otel: properties: compression: - description: Whether enable compression or not for otel. type: boolean endpoint: - description: The endpoint of otel. type: string insecure: - description: Whether establish insecure connection or not - for otel. type: boolean timeout: default: 10s - description: The timeout of otel. type: string urlPath: - description: The URL path of otel. type: string required: - endpoint - urlPath type: object provider: - description: 'The tracing provider: ''jaeger'' or ''otel''.' enum: - jaeger - otel type: string sampleRate: default: 1 - description: Set `sampleRate` to 1 if you wanna sampling 100% - of trace data; set 0.5 if you wanna sampling 50% of trace data, - and so forth. type: integer required: - provider @@ -47972,28 +32890,17 @@ spec: - storage type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -48004,8 +32911,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -48018,7 +32923,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -48041,7 +32945,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 @@ -48085,22 +32989,14 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: RegistryController is the Schema for the RegistryController API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: RegistryControllerSpec defines the desired state of RegistryController. properties: authentication: properties: @@ -48112,10 +33008,8 @@ spec: type: string type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -48123,12 +33017,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -48137,7 +33027,6 @@ spec: properties: level: default: info - description: RegistryCtlLogLevel is the log level for RegistryController. enum: - debug - info @@ -48149,36 +33038,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object registryRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -48194,8 +33067,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -48204,20 +33075,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -48231,42 +33095,18 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -48275,27 +33115,17 @@ spec: - registryRef type: object status: - description: Most recently observed status. properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -48306,8 +33136,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -48320,7 +33148,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -48349,22 +33176,14 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: RegistryController is the Schema for the RegistryController API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: RegistryControllerSpec defines the desired state of RegistryController. properties: authentication: properties: @@ -48376,10 +33195,8 @@ spec: type: string type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -48387,12 +33204,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -48401,7 +33214,6 @@ spec: properties: level: default: info - description: RegistryCtlLogLevel is the log level for RegistryController. enum: - debug - info @@ -48414,45 +33226,26 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object registryRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -48468,8 +33261,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -48478,20 +33269,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -48505,42 +33289,18 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -48549,27 +33309,17 @@ spec: - registryRef type: object status: - description: Most recently observed status. properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -48580,8 +33330,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -48594,7 +33342,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -57487,7 +42234,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 @@ -57531,32 +42278,22 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: Trivy is the Schema for the Trivy API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: TrivySpec defines the desired state of Trivy. properties: certificateRefs: items: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -57564,12 +42301,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -57580,7 +42313,6 @@ spec: properties: level: default: info - description: TrivyLogLevel is the log level for Trivy. enum: - debug - info @@ -57593,9 +42325,6 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object proxy: properties: @@ -57616,120 +42345,82 @@ spec: type: array type: object redis: - description: Redis cache store properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string jobs: properties: Namespace: default: harbor.scanner.trivy:job-queue - description: The namespace for keys in the scan jobs queue - backed by Redis type: string scanTTL: default: 1h - description: The time to live for persisting scan jobs and - associated scan reports pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object namespace: default: harbor.scanner.trivy:store - description: The namespace for keys in the Redis store type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string pool: properties: connectionTimeout: default: 1s - description: The timeout for connecting to the Redis server pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string idleTimeout: default: 5m - description: The duration after which idle connections to - the Redis server are closed. If the value is zero, then - idle connections are not closed. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string maxActive: default: 5 - description: The max number of connections allocated by the - Redis connection pool minimum: 0 type: integer maxIdle: default: 5 - description: The max number of idle connections in the Redis - connection pool minimum: 0 type: integer readTimeout: default: 1s - description: The timeout for reading a single Redis command - reply pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string writeTimeout: default: 1s - description: The timeout for writing a single Redis command pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -57745,8 +42436,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -57755,10 +42444,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object server: @@ -57769,30 +42454,23 @@ spec: type: array debugMode: default: false - description: The flag to enable or disable Trivy debug mode type: boolean idleTimeout: default: 60s - description: Idle timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string ignoreUnfixed: default: false - description: The flag to display only fixed vulnerabilities type: boolean insecure: default: false - description: The flag to skip verifying registry certificate type: boolean proxy: properties: URL: - description: The URL of the proxy server pattern: https?://.+ type: string noProxy: - description: The URLs that the proxy settings do not apply - to items: type: string type: array @@ -57801,7 +42479,6 @@ spec: type: object readTimeout: default: 15s - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string tls: @@ -57816,13 +42493,10 @@ spec: type: array writeTimeout: default: 15s - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string severities: default: @@ -57831,10 +42505,7 @@ spec: - MEDIUM - HIGH - CRITICAL - description: List of severities to be displayed items: - description: TrivyServerSeverityType represents a CVE severity type - for trivy. enum: - UNKNOWN - LOW @@ -57853,237 +42524,105 @@ spec: default: emptyDir: sizeLimit: 1Gi - description: Represents the source of a volume to mount. Only - one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in the - blob storage type: string fsType: - description: fsType is Filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure managed - data disk (only in managed availability set). defaults - to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is a - collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default is - /' type: string readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile is - the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to - OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -58091,146 +42630,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the - associated CSI driver which will determine the default - filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all - secret references are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal - value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of the - relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -58242,126 +42701,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default is - "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The size - limit is also applicable for memory medium. The - maximum usage on memory medium EmptyDir would be - the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle - is tied to the pod that defines it - it will be created - before the pod starts, and deleted when the pod is removed. - \n Use this if: a) the volume is only needed while the - pod runs, b) features of normal volumes like restoring - from snapshot or capacity tracking are needed, c) the - storage driver is specified through a storage class, - and d) the storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral volumes - if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. - \n A pod can use both types of ephemeral volumes and - persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which this - EphemeralVolumeSource is embedded will be the owner - of the PVC, i.e. the PVC will be deleted together - with the pod. The name of the PVC will be `-` where `` is the - name from the `PodSpec.Volumes` array entry. Pod - validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). - \n An existing PVC with that name that is not owned - by the pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting the - pod is then blocked until the unrelated PVC is removed. - If such a pre-created PVC is meant to be used by - the pod, the PVC has to updated with an owner reference - to the pod once the pod exists. Normally this should - not be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field is - read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource contents - will be copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource when - dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -58369,100 +42737,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume - binding will only succeed if the type of - the specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such if both - fields are non-empty, they must have the - same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other is - non-empty. When namespace is specified in - dataSourceRef, dataSource isn''t set to - the same value and must be empty. There - are three important differences between - dataSource and dataSourceRef: * While dataSource - only allows two specific types of objects, - dataSourceRef allows any non-core object, - as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves - all values, and generates an error if a - disallowed value is specified. * While dataSource - only allows local objects, dataSourceRef - allows objects in any namespaces. (Beta) - Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note that - when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. (Alpha) This - field requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are lower - than previous value but must still be higher - than capacity recorded in the status field - of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of - resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field is - used. It makes that resource available - inside a container. type: string required: - name @@ -58478,9 +42771,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -58489,47 +42779,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label key - that the selector applies to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -58541,29 +42802,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -58571,80 +42817,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. properties: driver: - description: driver is the name of the driver to use - for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. If - the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -58652,194 +42856,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset stored - as metadata -> name on the dataset for Flocker should - be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at a - particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an EmptyDir - into an InitContainer that clones the repo using git, - then mount the EmptyDir into the Pod''s container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the specified - revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly exposed - to the container. This is generally used for system - agents or other privileged things that are allowed to - see the host machine. Most containers will NOT need - this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' properties: path: - description: 'path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults to - "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal List. - The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). type: string required: - iqn @@ -58847,153 +42945,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to - set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. Directories within the path are not - affected by this setting. This might be in conflict - with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along - with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced ConfigMap will be projected - into the volume as a file whose name is - the key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or start - with '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -59001,97 +43011,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether the - ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the - downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a - field of the pod: only annotations, - labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified API - version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -59103,53 +43058,16 @@ spec: type: array type: object secret: - description: secret information about the secret - data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -59157,46 +43075,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The - kubelet will start trying to rotate the - token if the token is older than 80 percent - of its time to live or if the token is - older than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative to - the mount point of the file to project - the token into. type: string required: - path @@ -59205,159 +43096,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references an - already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the ScaleIO - API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret for - ScaleIO user and other sensitive information. If - this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage Pool - associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated - with this volume source. type: string required: - gateway @@ -59365,58 +43173,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the Secret, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -59424,81 +43193,36 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret - or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is - specified then the Pod's namespace will be used. This - allows the Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated with - the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -59513,237 +43237,105 @@ spec: default: emptyDir: sizeLimit: 1Gi - description: Represents the source of a volume to mount. Only - one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in the - blob storage type: string fsType: - description: fsType is Filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure managed - data disk (only in managed availability set). defaults - to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is a - collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default is - /' type: string readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile is - the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to - OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -59751,146 +43343,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the - associated CSI driver which will determine the default - filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all - secret references are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal - value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of the - relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -59902,126 +43414,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default is - "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The size - limit is also applicable for memory medium. The - maximum usage on memory medium EmptyDir would be - the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle - is tied to the pod that defines it - it will be created - before the pod starts, and deleted when the pod is removed. - \n Use this if: a) the volume is only needed while the - pod runs, b) features of normal volumes like restoring - from snapshot or capacity tracking are needed, c) the - storage driver is specified through a storage class, - and d) the storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral volumes - if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. - \n A pod can use both types of ephemeral volumes and - persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which this - EphemeralVolumeSource is embedded will be the owner - of the PVC, i.e. the PVC will be deleted together - with the pod. The name of the PVC will be `-` where `` is the - name from the `PodSpec.Volumes` array entry. Pod - validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). - \n An existing PVC with that name that is not owned - by the pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting the - pod is then blocked until the unrelated PVC is removed. - If such a pre-created PVC is meant to be used by - the pod, the PVC has to updated with an owner reference - to the pod once the pod exists. Normally this should - not be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field is - read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource contents - will be copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource when - dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -60029,100 +43450,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume - binding will only succeed if the type of - the specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such if both - fields are non-empty, they must have the - same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other is - non-empty. When namespace is specified in - dataSourceRef, dataSource isn''t set to - the same value and must be empty. There - are three important differences between - dataSource and dataSourceRef: * While dataSource - only allows two specific types of objects, - dataSourceRef allows any non-core object, - as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves - all values, and generates an error if a - disallowed value is specified. * While dataSource - only allows local objects, dataSourceRef - allows objects in any namespaces. (Beta) - Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note that - when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. (Alpha) This - field requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are lower - than previous value but must still be higher - than capacity recorded in the status field - of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of - resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field is - used. It makes that resource available - inside a container. type: string required: - name @@ -60138,9 +43484,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -60149,47 +43492,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label key - that the selector applies to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -60201,29 +43515,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -60231,80 +43530,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. properties: driver: - description: driver is the name of the driver to use - for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. If - the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -60312,194 +43569,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset stored - as metadata -> name on the dataset for Flocker should - be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at a - particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an EmptyDir - into an InitContainer that clones the repo using git, - then mount the EmptyDir into the Pod''s container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the specified - revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly exposed - to the container. This is generally used for system - agents or other privileged things that are allowed to - see the host machine. Most containers will NOT need - this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' properties: path: - description: 'path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults to - "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal List. - The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). type: string required: - iqn @@ -60507,153 +43658,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to - set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. Directories within the path are not - affected by this setting. This might be in conflict - with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along - with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced ConfigMap will be projected - into the volume as a file whose name is - the key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or start - with '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -60661,97 +43724,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether the - ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the - downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a - field of the pod: only annotations, - labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified API - version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -60763,53 +43771,16 @@ spec: type: array type: object secret: - description: secret information about the secret - data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -60817,46 +43788,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The - kubelet will start trying to rotate the - token if the token is older than 80 percent - of its time to live or if the token is - older than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative to - the mount point of the file to project - the token into. type: string required: - path @@ -60865,159 +43809,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references an - already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the ScaleIO - API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret for - ScaleIO user and other sensitive information. If - this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage Pool - associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated - with this volume source. type: string required: - gateway @@ -61025,58 +43886,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the Secret, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -61084,81 +43906,36 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret - or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is - specified then the Pod's namespace will be used. This - allows the Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated with - the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -61172,7 +43949,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -61180,65 +43956,34 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array update: properties: githubTokenRef: - description: The GitHub access token to download Trivy DB (see - GitHub rate limiting) type: string skip: default: false - description: The flag to enable or disable Trivy DB downloads - from GitHub type: boolean type: object vulnerabilityTypes: default: - os - library - description: Comma-separated list of vulnerability types. items: - description: TrivyServerVulnerabilityType represents a CVE vulnerability - type for trivy. enum: - os - library @@ -61249,28 +43994,17 @@ spec: - storage type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -61281,8 +44015,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -61295,7 +44027,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -61324,32 +44055,22 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: Trivy is the Schema for the Trivy API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: TrivySpec defines the desired state of Trivy. properties: certificateRefs: items: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -61357,12 +44078,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -61373,7 +44090,6 @@ spec: properties: level: default: info - description: TrivyLogLevel is the log level for Trivy. enum: - debug - info @@ -61387,18 +44103,12 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object offlineScan: default: false @@ -61422,120 +44132,82 @@ spec: type: array type: object redis: - description: Redis cache store properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string jobs: properties: Namespace: default: harbor.scanner.trivy:job-queue - description: The namespace for keys in the scan jobs queue - backed by Redis type: string scanTTL: default: 1h - description: The time to live for persisting scan jobs and - associated scan reports pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object namespace: default: harbor.scanner.trivy:store - description: The namespace for keys in the Redis store type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string pool: properties: connectionTimeout: default: 1s - description: The timeout for connecting to the Redis server pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string idleTimeout: default: 5m - description: The duration after which idle connections to - the Redis server are closed. If the value is zero, then - idle connections are not closed. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string maxActive: default: 5 - description: The max number of connections allocated by the - Redis connection pool minimum: 0 type: integer maxIdle: default: 5 - description: The max number of idle connections in the Redis - connection pool minimum: 0 type: integer readTimeout: default: 1s - description: The timeout for reading a single Redis command - reply pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string writeTimeout: default: 1s - description: The timeout for writing a single Redis command pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -61551,8 +44223,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -61561,10 +44231,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object server: @@ -61575,30 +44241,23 @@ spec: type: array debugMode: default: false - description: The flag to enable or disable Trivy debug mode type: boolean idleTimeout: default: 60s - description: Idle timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string ignoreUnfixed: default: false - description: The flag to display only fixed vulnerabilities type: boolean insecure: default: false - description: The flag to skip verifying registry certificate type: boolean proxy: properties: URL: - description: The URL of the proxy server pattern: https?://.+ type: string noProxy: - description: The URLs that the proxy settings do not apply - to items: type: string type: array @@ -61607,7 +44266,6 @@ spec: type: object readTimeout: default: 15s - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string tls: @@ -61622,13 +44280,10 @@ spec: type: array writeTimeout: default: 15s - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string severities: default: @@ -61637,10 +44292,7 @@ spec: - MEDIUM - HIGH - CRITICAL - description: List of severities to be displayed items: - description: TrivyServerSeverityType represents a CVE severity type - for trivy. enum: - UNKNOWN - LOW @@ -61659,237 +44311,105 @@ spec: default: emptyDir: sizeLimit: 1Gi - description: Represents the source of a volume to mount. Only - one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in the - blob storage type: string fsType: - description: fsType is Filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure managed - data disk (only in managed availability set). defaults - to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is a - collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default is - /' type: string readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile is - the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to - OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -61897,146 +44417,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the - associated CSI driver which will determine the default - filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all - secret references are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal - value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of the - relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -62048,126 +44488,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default is - "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The size - limit is also applicable for memory medium. The - maximum usage on memory medium EmptyDir would be - the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle - is tied to the pod that defines it - it will be created - before the pod starts, and deleted when the pod is removed. - \n Use this if: a) the volume is only needed while the - pod runs, b) features of normal volumes like restoring - from snapshot or capacity tracking are needed, c) the - storage driver is specified through a storage class, - and d) the storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral volumes - if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. - \n A pod can use both types of ephemeral volumes and - persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which this - EphemeralVolumeSource is embedded will be the owner - of the PVC, i.e. the PVC will be deleted together - with the pod. The name of the PVC will be `-` where `` is the - name from the `PodSpec.Volumes` array entry. Pod - validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). - \n An existing PVC with that name that is not owned - by the pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting the - pod is then blocked until the unrelated PVC is removed. - If such a pre-created PVC is meant to be used by - the pod, the PVC has to updated with an owner reference - to the pod once the pod exists. Normally this should - not be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field is - read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource contents - will be copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource when - dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -62175,100 +44524,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume - binding will only succeed if the type of - the specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such if both - fields are non-empty, they must have the - same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other is - non-empty. When namespace is specified in - dataSourceRef, dataSource isn''t set to - the same value and must be empty. There - are three important differences between - dataSource and dataSourceRef: * While dataSource - only allows two specific types of objects, - dataSourceRef allows any non-core object, - as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves - all values, and generates an error if a - disallowed value is specified. * While dataSource - only allows local objects, dataSourceRef - allows objects in any namespaces. (Beta) - Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note that - when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. (Alpha) This - field requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are lower - than previous value but must still be higher - than capacity recorded in the status field - of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of - resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field is - used. It makes that resource available - inside a container. type: string required: - name @@ -62284,9 +44558,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -62295,47 +44566,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label key - that the selector applies to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -62347,29 +44589,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -62377,80 +44604,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. properties: driver: - description: driver is the name of the driver to use - for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. If - the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -62458,194 +44643,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset stored - as metadata -> name on the dataset for Flocker should - be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at a - particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an EmptyDir - into an InitContainer that clones the repo using git, - then mount the EmptyDir into the Pod''s container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the specified - revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly exposed - to the container. This is generally used for system - agents or other privileged things that are allowed to - see the host machine. Most containers will NOT need - this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' properties: path: - description: 'path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults to - "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal List. - The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). type: string required: - iqn @@ -62653,153 +44732,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to - set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. Directories within the path are not - affected by this setting. This might be in conflict - with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along - with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced ConfigMap will be projected - into the volume as a file whose name is - the key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or start - with '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -62807,97 +44798,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether the - ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the - downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a - field of the pod: only annotations, - labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified API - version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -62909,53 +44845,16 @@ spec: type: array type: object secret: - description: secret information about the secret - data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -62963,46 +44862,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The - kubelet will start trying to rotate the - token if the token is older than 80 percent - of its time to live or if the token is - older than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative to - the mount point of the file to project - the token into. type: string required: - path @@ -63011,159 +44883,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references an - already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the ScaleIO - API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret for - ScaleIO user and other sensitive information. If - this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage Pool - associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated - with this volume source. type: string required: - gateway @@ -63171,58 +44960,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the Secret, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -63230,81 +44980,36 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret - or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is - specified then the Pod's namespace will be used. This - allows the Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated with - the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -63319,237 +45024,105 @@ spec: default: emptyDir: sizeLimit: 1Gi - description: Represents the source of a volume to mount. Only - one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in the - blob storage type: string fsType: - description: fsType is Filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure managed - data disk (only in managed availability set). defaults - to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is a - collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default is - /' type: string readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile is - the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to - OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -63557,146 +45130,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the - associated CSI driver which will determine the default - filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all - secret references are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal - value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of the - relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -63708,126 +45201,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default is - "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The size - limit is also applicable for memory medium. The - maximum usage on memory medium EmptyDir would be - the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle - is tied to the pod that defines it - it will be created - before the pod starts, and deleted when the pod is removed. - \n Use this if: a) the volume is only needed while the - pod runs, b) features of normal volumes like restoring - from snapshot or capacity tracking are needed, c) the - storage driver is specified through a storage class, - and d) the storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral volumes - if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. - \n A pod can use both types of ephemeral volumes and - persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which this - EphemeralVolumeSource is embedded will be the owner - of the PVC, i.e. the PVC will be deleted together - with the pod. The name of the PVC will be `-` where `` is the - name from the `PodSpec.Volumes` array entry. Pod - validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). - \n An existing PVC with that name that is not owned - by the pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting the - pod is then blocked until the unrelated PVC is removed. - If such a pre-created PVC is meant to be used by - the pod, the PVC has to updated with an owner reference - to the pod once the pod exists. Normally this should - not be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field is - read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource contents - will be copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource when - dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -63835,100 +45237,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume - binding will only succeed if the type of - the specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such if both - fields are non-empty, they must have the - same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other is - non-empty. When namespace is specified in - dataSourceRef, dataSource isn''t set to - the same value and must be empty. There - are three important differences between - dataSource and dataSourceRef: * While dataSource - only allows two specific types of objects, - dataSourceRef allows any non-core object, - as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves - all values, and generates an error if a - disallowed value is specified. * While dataSource - only allows local objects, dataSourceRef - allows objects in any namespaces. (Beta) - Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note that - when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. (Alpha) This - field requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are lower - than previous value but must still be higher - than capacity recorded in the status field - of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of - resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field is - used. It makes that resource available - inside a container. type: string required: - name @@ -63944,9 +45271,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -63955,47 +45279,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label key - that the selector applies to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -64007,29 +45302,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -64037,80 +45317,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. properties: driver: - description: driver is the name of the driver to use - for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. If - the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -64118,194 +45356,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset stored - as metadata -> name on the dataset for Flocker should - be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at a - particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an EmptyDir - into an InitContainer that clones the repo using git, - then mount the EmptyDir into the Pod''s container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the specified - revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly exposed - to the container. This is generally used for system - agents or other privileged things that are allowed to - see the host machine. Most containers will NOT need - this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' properties: path: - description: 'path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults to - "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal List. - The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). type: string required: - iqn @@ -64313,153 +45445,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to - set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. Directories within the path are not - affected by this setting. This might be in conflict - with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along - with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced ConfigMap will be projected - into the volume as a file whose name is - the key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or start - with '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -64467,97 +45511,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether the - ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the - downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a - field of the pod: only annotations, - labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified API - version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -64569,53 +45558,16 @@ spec: type: array type: object secret: - description: secret information about the secret - data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -64623,46 +45575,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The - kubelet will start trying to rotate the - token if the token is older than 80 percent - of its time to live or if the token is - older than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative to - the mount point of the file to project - the token into. type: string required: - path @@ -64671,159 +45596,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references an - already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the ScaleIO - API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret for - ScaleIO user and other sensitive information. If - this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage Pool - associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated - with this volume source. type: string required: - gateway @@ -64831,58 +45673,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the Secret, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -64890,81 +45693,36 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret - or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is - specified then the Pod's namespace will be used. This - allows the Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated with - the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -64978,7 +45736,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -64989,65 +45746,34 @@ spec: default: 5m0s type: string tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array update: properties: githubTokenRef: - description: The GitHub access token to download Trivy DB (see - GitHub rate limiting) type: string skip: default: false - description: The flag to enable or disable Trivy DB downloads - from GitHub type: boolean type: object vulnerabilityTypes: default: - os - library - description: Comma-separated list of vulnerability types. items: - description: TrivyServerVulnerabilityType represents a CVE vulnerability - type for trivy. enum: - os - library @@ -65058,28 +45784,17 @@ spec: - storage type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -65090,8 +45805,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -65104,7 +45817,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -65194,7 +45906,6 @@ metadata: goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: cluster goharbor.io/operator-version: v1.3.0 - creationTimestamp: null name: harbor-operator-role rules: - apiGroups: diff --git a/manifests/harbor/deployment.yaml b/manifests/harbor/deployment.yaml index 5d328b9d1..47f793256 100644 --- a/manifests/harbor/deployment.yaml +++ b/manifests/harbor/deployment.yaml @@ -12,7 +12,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 @@ -56,47 +56,31 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: ChartMuseum is the Schema for the ChartMuseum API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: ChartMuseumSpec defines the desired state of ChartMuseum. properties: authentication: properties: anonymousGet: default: false - description: Allow anonymous GET operations when auth is used type: boolean basicAuthRef: - description: 'Reference to secret containing basic http authentication - Harbor: Harbor try to connect using chart_controller username' pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string bearer: - description: Bearer authentication specs properties: certificateRef: - description: Reference to secret containing authorization - server certificate pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string realm: - description: Authorization server url type: string service: - description: Authorization server service name type: string required: - certificateRef @@ -105,40 +89,30 @@ spec: type: object type: object cache: - description: Cache stores properties: redis: - description: Redis cache store properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -152,40 +126,28 @@ spec: properties: allowOverwrite: default: true - description: Allow chart versions to be re-uploaded without ?force - querystring type: boolean index: properties: parallelLimit: - description: Parallel scan limit for the repo indexer format: int32 minimum: 0 type: integer storageTimestampTolerance: - description: Timestamp drift tolerated between cached and - generated index before invalidation pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object onlySemver2: default: false - description: Enforce the chart museum server only accepts the - valid chart version as Helm does type: boolean postFormFieldName: - description: Form fields which will be queried properties: chart: default: chart - description: 'Form field which will be queried for the chart - file content Harbor: Expecting chart to use with Harbor' minLength: 1 type: string provenance: default: prov - description: 'Form field which will be queried for the provenance - file content Harbor: Expecting prov to use with Harbor' minLength: 1 type: string type: object @@ -193,14 +155,11 @@ spec: properties: depth: default: 1 - description: 'Levels of nested repos for multitenancy Harbor: - must be set to 1 to support project namespace' format: int32 minimum: 0 type: integer depthDynamic: default: false - description: The length of repo variable type: boolean type: object storage: @@ -213,20 +172,14 @@ spec: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string bucket: - description: S3 bucket to store charts for amazon storage type: string endpoint: - description: Alternative s3 endpoint type: string prefix: - description: Prefix to store charts for the bucket type: string region: - description: Region of the bucket type: string serverSideEncryption: - description: ServerSideEncryption is the algorithm for - server side encryption type: string required: - bucket @@ -236,247 +189,105 @@ spec: prefix: type: string volumeSource: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching - mode: None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data - disk in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: - multiple blob disks per storage account Dedicated: - single blob disk per storage account Managed: - azure managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret - that contains Azure Storage Account Name and - Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on - the host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is - /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef - is reference to the authentication secret for - User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: - https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to - a secret object containing parameters used to - connect to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that - should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -484,156 +295,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which will - determine the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if - no secret is required. If the secret object - contains more than one secret, all secret references - are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, - defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' - path. Must be utf-8 encoded. The first - item of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults - to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to - select' type: string required: - resource @@ -645,132 +366,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default - medium. Must be an empty string (default) or - Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of - local storage required for this EmptyDir volume. - The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir - would be the minimum value between the SizeLimit - specified here and the sum of memory limits - of all containers in a pod. The default is nil - which means that the limit is undefined. More - info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the - volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or - capacity tracking are needed, c) the storage driver - is specified through a storage class, and d) the - storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that - way - see the documentation of the driver for more - information. \n A pod can use both types of ephemeral - volumes and persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will - be the owner of the PVC, i.e. the PVC will be - deleted together with the pod. The name of - the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the - pod if the concatenated name is not valid for - a PVC (for example, too long). \n An existing - PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting - the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has to - updated with an owner reference to the pod once - the pod exists. Normally this should not be - necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by - Kubernetes to the PVC after it has been created. - \n Required, must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will - be rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the - desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on - the contents of the specified data source. - When the AnyVolumeDataSource feature - gate is enabled, dataSource contents - will be copied to dataSourceRef, and - dataSourceRef contents will be copied - to dataSource when dataSourceRef.namespace - is not specified. If the namespace is - specified, then dataSourceRef will not - be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -778,106 +402,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate the - volume with data, if a non-empty volume - is desired. This may be any object from - a non-empty API group (non core object) - or a PersistentVolumeClaim object. When - this field is specified, volume binding - will only succeed if the type of the - specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such - if both fields are non-empty, they must - have the same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other - is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be empty. - There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores - disallowed values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is specified. - * While dataSource only allows local - objects, dataSourceRef allows objects - in any namespaces. (Beta) Using this - field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) - Using the namespace field of dataSourceRef - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the - minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but must - still be higher than capacity recorded - in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. - \n This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match - the name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -893,9 +436,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the - maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -904,51 +444,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted - for a container, it defaults to - Limits if that is explicitly specified, - otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query - over volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. items: type: string type: array @@ -960,32 +467,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the - name of the StorageClass required by - the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. - Value of Filesystem is implied when - not included in claim spec. type: string volumeName: - description: volumeName is the binding - reference to the PersistentVolume backing - this claim. type: string type: object required: @@ -993,83 +482,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and - then exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver - to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". The default filesystem depends on FlexVolume - script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field - holds extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -1077,201 +521,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the - Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD - resource in GCE. Used to identify the disk in - GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo is - deprecated. To provision a container with a git - repo, mount an EmptyDir into an InitContainer that - clones the repo using git, then mount the EmptyDir - into the Pod''s container.' properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will be - the git repository. Otherwise, if specified, - the volume will contain the git repository in - the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used - for system agents or other privileged things that - are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount - host directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether - support iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified - Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for - iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -1279,159 +610,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS - export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets - host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx - volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires - decimal values for mode bits. Directories within - the path are not affected by this setting. This - might be in conflict with other options that - affect the file mode, like fsGroup, and the - result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about - the configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the ConfigMap, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -1439,102 +676,42 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be - defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile - represents information to create - the file containing the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is - written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML - accepts both octal and decimal - values, JSON requires decimal - values for mode bits. If not - specified, the volume defaultMode - will be used. This might be - in conflict with other options - that affect the file mode, like - fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. - Must be utf-8 encoded. The first - item of the relative path must - not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the - output format of the exposed - resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -1546,57 +723,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the Secret, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -1604,50 +740,19 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify - whether the Secret or its key must - be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to - project properties: audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself with - an identifier specified in the audience - of the token, and otherwise should - reject the token. The audience defaults - to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of - the service account token. As the - token approaches expiration, the kubelet - volume plugin will proactively rotate - the service account token. The kubelet - will start trying to rotate the token - if the token is older than 80 percent - of its time to live or if the token - is older than 24 hours.Defaults to - 1 hour and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to - project the token into. type: string required: - path @@ -1656,161 +761,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on - the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Default is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured - storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage - system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -1818,62 +838,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -1881,83 +858,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to - use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override - the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will - be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage - Policy Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -1967,54 +897,33 @@ spec: - volumeSource type: object maxStorageObject: - description: Maximum number of objects allowed in storage - (per tenant) format: int64 minimum: 0 type: integer openstack: properties: authenticationURL: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string container: - description: Container to store charts for openstack storage - backend type: string domain: - description: Your Openstack domain name for Identity v3 - API. You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 - API. You can either use domain or domainid. type: string passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: Prefix to store charts for the container type: string region: - description: Region of the container type: string tenant: - description: Your Openstack tenant name. You can either - use tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either - use tenant or tenantid. type: string userid: - description: The Openstack user id. You can either use - username or userid. type: string username: - description: The Openstack user name. You can either use - username or userid. type: string required: - authenticationURL @@ -2022,42 +931,32 @@ spec: type: object type: object url: - description: The absolute url for .tgz files in index.yaml pattern: https?://.* type: string required: - storage type: object disable: - description: Disable some features properties: api: default: false - description: Disable all routes prefixed with type: boolean delete: default: false - description: Disable DELETE route type: boolean forceOverwrite: default: false - description: Do not allow chart versions to be re-uploaded, even - with ?force querystrin type: boolean metrics: default: false - description: Disable Prometheus metrics type: boolean statefiles: default: false - description: Disable use of index-cache.yaml type: boolean type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -2065,12 +964,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -2079,51 +974,31 @@ spec: properties: debug: default: false - description: Show debug messages type: boolean health: default: false - description: Log inbound /health requests type: boolean json: default: false - description: Output structured logs as json type: boolean latencyInteger: default: true - description: log latency as an integer instead of a string type: boolean type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -2139,8 +1014,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -2149,26 +1022,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object server: properties: corsAllowOrigin: - description: Value to set in the Access-Control-Allow-Origin HTTP - header type: string maxUploadSize: default: 20971520 - description: Max size of post body (in bytes) format: int64 minimum: 0 type: integer readTimeout: - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string tls: @@ -2178,18 +1043,14 @@ spec: type: string type: object writeTimeout: - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -2197,42 +1058,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -2240,28 +1077,17 @@ spec: - chart type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -2272,8 +1098,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -2286,7 +1110,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -2315,47 +1138,31 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: ChartMuseum is the Schema for the ChartMuseum API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: ChartMuseumSpec defines the desired state of ChartMuseum. properties: authentication: properties: anonymousGet: default: false - description: Allow anonymous GET operations when auth is used type: boolean basicAuthRef: - description: 'Reference to secret containing basic http authentication - Harbor: Harbor try to connect using chart_controller username' pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string bearer: - description: Bearer authentication specs properties: certificateRef: - description: Reference to secret containing authorization - server certificate pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string realm: - description: Authorization server url type: string service: - description: Authorization server service name type: string required: - certificateRef @@ -2364,40 +1171,30 @@ spec: type: object type: object cache: - description: Cache stores properties: redis: - description: Redis cache store properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -2411,40 +1208,28 @@ spec: properties: allowOverwrite: default: true - description: Allow chart versions to be re-uploaded without ?force - querystring type: boolean index: properties: parallelLimit: - description: Parallel scan limit for the repo indexer format: int32 minimum: 0 type: integer storageTimestampTolerance: - description: Timestamp drift tolerated between cached and - generated index before invalidation pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object onlySemver2: default: false - description: Enforce the chart museum server only accepts the - valid chart version as Helm does type: boolean postFormFieldName: - description: Form fields which will be queried properties: chart: default: chart - description: 'Form field which will be queried for the chart - file content Harbor: Expecting chart to use with Harbor' minLength: 1 type: string provenance: default: prov - description: 'Form field which will be queried for the provenance - file content Harbor: Expecting prov to use with Harbor' minLength: 1 type: string type: object @@ -2452,14 +1237,11 @@ spec: properties: depth: default: 1 - description: 'Levels of nested repos for multitenancy Harbor: - must be set to 1 to support project namespace' format: int32 minimum: 0 type: integer depthDynamic: default: false - description: The length of repo variable type: boolean type: object storage: @@ -2472,20 +1254,14 @@ spec: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string bucket: - description: S3 bucket to store charts for amazon storage type: string endpoint: - description: Alternative s3 endpoint type: string prefix: - description: Prefix to store charts for the bucket type: string region: - description: Region of the bucket type: string serverSideEncryption: - description: ServerSideEncryption is the algorithm for - server side encryption type: string required: - bucket @@ -2510,247 +1286,105 @@ spec: prefix: type: string volumeSource: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching - mode: None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data - disk in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: - multiple blob disks per storage account Dedicated: - single blob disk per storage account Managed: - azure managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret - that contains Azure Storage Account Name and - Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on - the host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is - /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef - is reference to the authentication secret for - User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: - https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to - a secret object containing parameters used to - connect to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that - should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -2758,156 +1392,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which will - determine the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if - no secret is required. If the secret object - contains more than one secret, all secret references - are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, - defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' - path. Must be utf-8 encoded. The first - item of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults - to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to - select' type: string required: - resource @@ -2919,132 +1463,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default - medium. Must be an empty string (default) or - Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of - local storage required for this EmptyDir volume. - The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir - would be the minimum value between the SizeLimit - specified here and the sum of memory limits - of all containers in a pod. The default is nil - which means that the limit is undefined. More - info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the - volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or - capacity tracking are needed, c) the storage driver - is specified through a storage class, and d) the - storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that - way - see the documentation of the driver for more - information. \n A pod can use both types of ephemeral - volumes and persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will - be the owner of the PVC, i.e. the PVC will be - deleted together with the pod. The name of - the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the - pod if the concatenated name is not valid for - a PVC (for example, too long). \n An existing - PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting - the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has to - updated with an owner reference to the pod once - the pod exists. Normally this should not be - necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by - Kubernetes to the PVC after it has been created. - \n Required, must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will - be rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the - desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on - the contents of the specified data source. - When the AnyVolumeDataSource feature - gate is enabled, dataSource contents - will be copied to dataSourceRef, and - dataSourceRef contents will be copied - to dataSource when dataSourceRef.namespace - is not specified. If the namespace is - specified, then dataSourceRef will not - be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -3052,106 +1499,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate the - volume with data, if a non-empty volume - is desired. This may be any object from - a non-empty API group (non core object) - or a PersistentVolumeClaim object. When - this field is specified, volume binding - will only succeed if the type of the - specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such - if both fields are non-empty, they must - have the same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other - is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be empty. - There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores - disallowed values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is specified. - * While dataSource only allows local - objects, dataSourceRef allows objects - in any namespaces. (Beta) Using this - field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) - Using the namespace field of dataSourceRef - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the - minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but must - still be higher than capacity recorded - in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. - \n This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match - the name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -3167,9 +1533,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the - maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -3178,51 +1541,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted - for a container, it defaults to - Limits if that is explicitly specified, - otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query - over volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. items: type: string type: array @@ -3234,32 +1564,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the - name of the StorageClass required by - the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. - Value of Filesystem is implied when - not included in claim spec. type: string volumeName: - description: volumeName is the binding - reference to the PersistentVolume backing - this claim. type: string type: object required: @@ -3267,83 +1579,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and - then exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver - to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". The default filesystem depends on FlexVolume - script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field - holds extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -3351,201 +1618,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the - Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD - resource in GCE. Used to identify the disk in - GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo is - deprecated. To provision a container with a git - repo, mount an EmptyDir into an InitContainer that - clones the repo using git, then mount the EmptyDir - into the Pod''s container.' properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will be - the git repository. Otherwise, if specified, - the volume will contain the git repository in - the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used - for system agents or other privileged things that - are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount - host directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether - support iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified - Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for - iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -3553,159 +1707,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS - export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets - host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx - volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires - decimal values for mode bits. Directories within - the path are not affected by this setting. This - might be in conflict with other options that - affect the file mode, like fsGroup, and the - result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about - the configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the ConfigMap, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -3713,102 +1773,42 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be - defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile - represents information to create - the file containing the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is - written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML - accepts both octal and decimal - values, JSON requires decimal - values for mode bits. If not - specified, the volume defaultMode - will be used. This might be - in conflict with other options - that affect the file mode, like - fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. - Must be utf-8 encoded. The first - item of the relative path must - not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the - output format of the exposed - resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -3820,57 +1820,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the Secret, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -3878,50 +1837,19 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify - whether the Secret or its key must - be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to - project properties: audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself with - an identifier specified in the audience - of the token, and otherwise should - reject the token. The audience defaults - to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of - the service account token. As the - token approaches expiration, the kubelet - volume plugin will proactively rotate - the service account token. The kubelet - will start trying to rotate the token - if the token is older than 80 percent - of its time to live or if the token - is older than 24 hours.Defaults to - 1 hour and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to - project the token into. type: string required: - path @@ -3930,161 +1858,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on - the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Default is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured - storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage - system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -4092,62 +1935,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -4155,83 +1955,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to - use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override - the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will - be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage - Policy Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -4243,13 +1996,10 @@ spec: gcs: properties: bucket: - description: bucket to store charts for Gcs storage type: string chunksize: type: string keyDataSecretRef: - description: The base64 encoded json file which contains - the key type: string pathPrefix: type: string @@ -4258,54 +2008,33 @@ spec: - keyDataSecretRef type: object maxStorageObject: - description: Maximum number of objects allowed in storage - (per tenant) format: int64 minimum: 0 type: integer openstack: properties: authenticationURL: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string container: - description: Container to store charts for openstack storage - backend type: string domain: - description: Your Openstack domain name for Identity v3 - API. You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 - API. You can either use domain or domainid. type: string passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: Prefix to store charts for the container type: string region: - description: Region of the container type: string tenant: - description: Your Openstack tenant name. You can either - use tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either - use tenant or tenantid. type: string userid: - description: The Openstack user id. You can either use - username or userid. type: string username: - description: The Openstack user name. You can either use - username or userid. type: string required: - authenticationURL @@ -4331,42 +2060,32 @@ spec: type: object type: object url: - description: The absolute url for .tgz files in index.yaml pattern: https?://.* type: string required: - storage type: object disable: - description: Disable some features properties: api: default: false - description: Disable all routes prefixed with type: boolean delete: default: false - description: Disable DELETE route type: boolean forceOverwrite: default: false - description: Do not allow chart versions to be re-uploaded, even - with ?force querystrin type: boolean metrics: default: false - description: Disable Prometheus metrics type: boolean statefiles: default: false - description: Disable use of index-cache.yaml type: boolean type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -4374,12 +2093,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -4388,61 +2103,38 @@ spec: properties: debug: default: false - description: Show debug messages type: boolean health: default: false - description: Log inbound /health requests type: boolean json: default: false - description: Output structured logs as json type: boolean latencyInteger: default: true - description: log latency as an integer instead of a string type: boolean type: object network: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -4458,8 +2150,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -4468,26 +2158,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object server: properties: corsAllowOrigin: - description: Value to set in the Access-Control-Allow-Origin HTTP - header type: string maxUploadSize: default: 20971520 - description: Max size of post body (in bytes) format: int64 minimum: 0 type: integer readTimeout: - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string tls: @@ -4497,18 +2179,14 @@ spec: type: string type: object writeTimeout: - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -4516,42 +2194,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -4559,28 +2213,17 @@ spec: - chart type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -4591,8 +2234,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -4605,7 +2246,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -4623,7 +2263,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 @@ -4667,22 +2307,14 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: Core is the Schema for the Core API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: CoreSpec defines the desired state of Core. properties: adminInitialPasswordRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' @@ -4761,34 +2393,26 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate - to authenticate with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when - connecting to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -4853,9 +2477,6 @@ spec: database: properties: database: - description: The database name. Defaults to be the same as the - user name. In certain contexts, the value is checked for extended - formats. minLength: 1 type: string encryptionKeyRef: @@ -4865,17 +2486,9 @@ spec: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -4898,17 +2511,11 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: @@ -4924,10 +2531,8 @@ spec: type: boolean type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -4935,12 +2540,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -4949,7 +2550,6 @@ spec: properties: level: default: info - description: CoreLogLevel is the log level for Core. enum: - debug - info @@ -4964,12 +2564,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -4977,9 +2575,6 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object proxy: properties: @@ -5005,69 +2600,44 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string idleTimeout: default: 30s - description: IdleTimeoutSecond closes connections after remaining - idle for this duration. If the value is zero, then idle connections - are not closed. Applications should set the timeout to a value - less than the server's timeout. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -5083,8 +2653,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -5093,23 +2661,16 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object secretRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -5117,42 +2678,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -5166,28 +2703,17 @@ spec: - secretRef type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -5198,8 +2724,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -5212,7 +2736,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -5241,22 +2764,14 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: Core is the Schema for the Core API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: CoreSpec defines the desired state of Core. properties: adminInitialPasswordRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' @@ -5335,34 +2850,26 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate - to authenticate with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when - connecting to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -5427,9 +2934,6 @@ spec: database: properties: database: - description: The database name. Defaults to be the same as the - user name. In certain contexts, the value is checked for extended - formats. minLength: 1 type: string encryptionKeyRef: @@ -5439,17 +2943,9 @@ spec: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -5472,17 +2968,11 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: @@ -5498,10 +2988,8 @@ spec: type: boolean type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -5509,12 +2997,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -5523,7 +3007,6 @@ spec: properties: level: default: info - description: CoreLogLevel is the log level for Core. enum: - debug - info @@ -5538,12 +3021,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -5552,18 +3033,12 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object proxy: properties: @@ -5589,69 +3064,44 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string idleTimeout: default: 30s - description: IdleTimeoutSecond closes connections after remaining - idle for this duration. If the value is zero, then idle connections - are not closed. Applications should set the timeout to a value - less than the server's timeout. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -5667,8 +3117,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -5677,23 +3125,16 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object secretRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -5701,42 +3142,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -5745,41 +3162,31 @@ spec: attributes: additionalProperties: type: string - description: A key value dict contains user defined attributes - used to initialize trace provider. type: object enabled: default: false - description: Enable tracing or not. type: boolean jaeger: properties: agent: properties: host: - description: The host of the jaeger agent. type: string port: - description: The port of the jaeger agent. type: integer type: object collector: properties: endpoint: - description: The endpoint of the jaeger collector. type: string passwordRef: - description: The password secret reference name of the - jaeger collector. type: string username: - description: The username of the jaeger collector. type: string required: - endpoint type: object mode: - description: 'The jaeger mode: ''collector'' or ''agent''.' enum: - collector - agent @@ -5788,43 +3195,31 @@ spec: - mode type: object namespace: - description: Namespace used to differentiate different harbor - services. type: string otel: properties: compression: - description: Whether enable compression or not for otel. type: boolean endpoint: - description: The endpoint of otel. type: string insecure: - description: Whether establish insecure connection or not - for otel. type: boolean timeout: default: 10s - description: The timeout of otel. type: string urlPath: - description: The URL path of otel. type: string required: - endpoint - urlPath type: object provider: - description: 'The tracing provider: ''jaeger'' or ''otel''.' enum: - jaeger - otel type: string sampleRate: default: 1 - description: Set `sampleRate` to 1 if you wanna sampling 100% - of trace data; set 0.5 if you wanna sampling 50% of trace data, - and so forth. type: integer required: - provider @@ -5839,28 +3234,17 @@ spec: - secretRef type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -5871,8 +3255,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -5885,7 +3267,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -5903,7 +3284,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 @@ -5947,42 +3328,29 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: Exporter is the Schema for the Exporter API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: ExporterSpec defines the desired state of Exporter. properties: cache: properties: cleanInterval: default: 4h - description: The interval to clean the cache info from the database - and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string duration: default: 30s - description: The duration to cache info from the database and - core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string type: object core: properties: url: - description: The absolute Harbor Core URL. pattern: https?://.+ type: string required: @@ -5991,9 +3359,6 @@ spec: database: properties: database: - description: The database name. Defaults to be the same as the - user name. In certain contexts, the value is checked for extended - formats. minLength: 1 type: string encryptionKeyRef: @@ -6003,17 +3368,9 @@ spec: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -6036,27 +3393,19 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: - encryptionKeyRef type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -6064,12 +3413,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -6078,7 +3423,6 @@ spec: properties: level: default: info - description: ExporterLogLevel is the log level for Exporter. enum: - debug - info @@ -6090,9 +3434,6 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object path: default: /metrics @@ -6104,28 +3445,15 @@ spec: minimum: 1 type: integer replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -6141,8 +3469,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -6151,20 +3477,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -6178,42 +3497,18 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -6222,28 +3517,17 @@ spec: - database type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -6254,8 +3538,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -6268,7 +3550,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -6297,42 +3578,29 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: Exporter is the Schema for the Exporter API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: ExporterSpec defines the desired state of Exporter. properties: cache: properties: cleanInterval: default: 4h - description: The interval to clean the cache info from the database - and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string duration: default: 30s - description: The duration to cache info from the database and - core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string type: object core: properties: url: - description: The absolute Harbor Core URL. pattern: https?://.+ type: string required: @@ -6341,9 +3609,6 @@ spec: database: properties: database: - description: The database name. Defaults to be the same as the - user name. In certain contexts, the value is checked for extended - formats. minLength: 1 type: string encryptionKeyRef: @@ -6353,17 +3618,9 @@ spec: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -6386,27 +3643,19 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: - encryptionKeyRef type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -6414,12 +3663,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -6427,47 +3672,34 @@ spec: jobservice: properties: redisPool: - description: RedisPoolConfig keeps redis worker info. properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string idleTimeout: default: 30s - description: IdleTimeoutSecond closes connections after remaining - idle for this duration. If the value is zero, then idle - connections are not closed. Applications should set the - timeout to a value less than the server's timeout. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string namespace: type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -6477,7 +3709,6 @@ spec: properties: level: default: info - description: ExporterLogLevel is the log level for Exporter. enum: - debug - info @@ -6490,18 +3721,12 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object path: default: /metrics @@ -6513,28 +3738,15 @@ spec: minimum: 1 type: integer replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -6550,8 +3762,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -6560,20 +3770,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -6587,42 +3790,18 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -6631,28 +3810,17 @@ spec: - database type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -6663,8 +3831,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -6677,7 +3843,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -6695,7 +3860,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 @@ -6746,39 +3911,27 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: HarborCluster is the Schema for the harborclusters API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: HarborClusterSpec defines the desired state of HarborCluster. properties: chartmuseum: properties: absoluteUrl: default: false - description: Harbor defaults ChartMuseum to returning relative - urls, if you want using absolute url you should enable it type: boolean certificateRefs: items: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -6786,12 +3939,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -6799,35 +3948,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -6843,8 +3974,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -6853,20 +3982,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -6874,43 +3996,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -6922,10 +4019,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -6933,12 +4028,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -6950,12 +4041,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -6963,35 +4052,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -7007,8 +4078,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7017,20 +4086,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -7038,82 +4100,42 @@ spec: description: Custom Labels to be added into the pods type: object tokenIssuer: - description: ObjectReference is a reference to an object with - a given name, kind and group. properties: group: - description: Group of the resource being referred to. type: string kind: - description: Kind of the resource being referred to. type: string name: - description: Name of the resource being referred to. type: string required: - name type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array type: object database: - description: Skip OpenAPI schema validation Use validating webhook - to do verification (field required) properties: hosts: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -7124,15 +4146,11 @@ spec: minItems: 1 type: array passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: type: string sslMode: - description: PostgreSQL has native support for using SSL connections - to encrypt client/server communications for increased security. enum: - disable - allow @@ -7142,9 +4160,6 @@ spec: - verify-full type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: @@ -7156,22 +4171,16 @@ spec: properties: cleanInterval: default: 4h - description: The interval to clean the cache info from the - database and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string duration: default: 30s - description: The duration to cache info from the database - and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -7179,12 +4188,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -7192,46 +4197,26 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object path: default: /metrics - description: The metrics path of the exporter. pattern: /.+ type: string port: default: 8001 - description: The port of the exporter. format: int32 minimum: 1 type: integer replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -7247,8 +4232,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7257,20 +4240,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -7278,43 +4254,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -7331,7 +4282,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -7351,8 +4301,6 @@ spec: type: object type: object notary: - description: The ingress of the notary, required when notary component - enabled. properties: ingress: properties: @@ -7362,7 +4310,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -7391,26 +4338,16 @@ spec: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string imageChartStorage: - description: Skip OpenAPI schema validation Use validating webhook - to do verification (field required) properties: filesystem: - description: 'FileSystem is an implementation of the storagedriver.StorageDriver - interface which uses the local filesystem. The local filesystem - can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/' properties: chartPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -7418,9 +4355,6 @@ spec: registryPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string maxthreads: default: 100 @@ -7430,8 +4364,6 @@ spec: prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -7446,53 +4378,30 @@ spec: type: boolean type: object s3: - description: 'An implementation of the storagedriver.StorageDriver - interface which uses Amazon S3 or S3 compatible services for - object storage. See: https://docs.docker.com/registry/storage-drivers/s3/' properties: accesskey: - description: The AWS Access Key. If you use IAM roles, omit - to fetch temporary credentials from IAM. type: string bucket: - description: The bucket name in which you want to store the - registry’s data. type: string certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string chunksize: - description: The S3 API requires multipart upload chunks to - be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the image - in encrypted format or not. A boolean value. type: boolean keyid: - description: KMS key ID to use for encryption (encrypt must - be true, or this parameter is ignored). type: string region: - description: The AWS region in which your bucket exists. For - the moment, the Go AWS library in use does not use the newer - DNS based bucket routing. For a list of regions, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html type: string regionendpoint: - description: Endpoint for S3 compatible storage services (Minio, - etc). type: string rootdirectory: - description: This is a prefix that is applied to all S3 keys - to allow you to segment data in your bucket if necessary. type: string secretkeyRef: - description: Reference to the secret containing the AWS Secret - Key. If you use IAM roles, omit to fetch temporary credentials - from IAM. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string secure: @@ -7500,64 +4409,37 @@ spec: type: boolean skipverify: default: false - description: Skips TLS verification when the value is set - to true. type: boolean storageclass: default: STANDARD - description: The S3 storage class applied to each registry - file. type: string v4auth: default: true - description: Indicates whether the registry uses Version 4 - of AWS’s authentication. type: boolean required: - bucket - region type: object swift: - description: 'An implementation of the storagedriver.StorageDriver - interface that uses OpenStack Swift for object storage. See: - https://docs.docker.com/registry/storage-drivers/swift/' properties: accesskey: - description: The access key to generate temporary URLs. It - is used by HP Cloud Object Storage in addition to the secretkey - parameter. type: string authurl: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string authversion: - description: Specify the OpenStack Auth’s version, for example - 3. By default the driver autodetects the auth’s version - from the authurl. type: string chunksize: - description: Size of the data segments for the Swift Dynamic - Large Objects. This value should be a number. format: int64 minimum: 5242880 type: integer container: - description: The name of your Swift container where you wish - to store the registry’s data. The driver creates the named - container during its initialization. type: string domain: - description: Your Openstack domain name for Identity v3 API. - You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 API. - You can either use domain or domainid. type: string endpointtype: default: public - description: The endpoint type used when connecting to swift. enum: - public - internal @@ -7565,39 +4447,24 @@ spec: type: string insecureskipverify: default: false - description: Skips TLS verification if the value is set to - true. type: boolean passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: This is a prefix that is applied to all Swift - keys to allow you to segment data in your container if necessary. - Defaults to the container’s root. type: string region: - description: The Openstack region in which your container - exists. type: string secretkeyRef: - description: The secret key used to generate temporary URLs. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tenant: - description: Your Openstack tenant name. You can either use - tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either use - tenant or tenantid. type: string trustid: - description: Your Openstack trust ID for Identity v3 API. type: string username: - description: The Openstack user name. type: string required: - authurl @@ -7607,7 +4474,6 @@ spec: imageSource: properties: imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -7615,42 +4481,28 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array repository: - description: The default repository for the images of the components. - eg docker.io/goharbor/ type: string tagSuffix: - description: The tag suffix for the images of the images of the - components. eg '-patch1' type: string type: object inClusterCache: - description: Cache configuration for in-cluster cache services properties: kind: - description: Set the kind of cache service to be used. Only support - Redis now. enum: - Redis type: string redisSpec: - description: RedisSpec is the specification of redis. properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -7658,53 +4510,29 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array sentinel: - description: Sentinel is the configuration of the redis sentinel. properties: replicas: default: 1 - description: Replicas is the instance number of redis - sentinel. type: integer type: object server: - description: Server is the configuration of the redis server. properties: replicas: default: 1 - description: Replicas is the instance number of redis - server. type: integer resources: - description: Resources is the resources requests and limits - for redis. properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used by - this container. \n This is an alpha field and requires - enabling the DynamicResourceAllocation feature gate. - \n This field is immutable." items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -7720,8 +4548,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7730,19 +4556,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object storage: - description: Storage is the size of the redis storage. type: string storageClassName: - description: StorageClassName is the storage class name - of the redis storage. type: string type: object type: object @@ -7751,21 +4569,16 @@ spec: - redisSpec type: object inClusterDatabase: - description: Database configuration for in-cluster database service properties: kind: - description: Set the kind of which database service to be used, - Only support PostgresSQL now. enum: - PostgresSQL type: string postgresSqlSpec: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -7773,38 +4586,21 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array replicas: - description: Replicas defines database instance replicas minimum: 1 type: integer resources: - description: Resources defines database pod resource config properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -7820,8 +4616,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7830,19 +4624,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object storage: - description: Storage defines database data store pvc size type: string storageClassName: - description: StorageClassName defines use which StorageClass - to create pvc type: string type: object required: @@ -7850,22 +4636,16 @@ spec: - postgresSqlSpec type: object inClusterStorage: - description: Storage configuration for in-cluster storage service properties: kind: - description: Kind of which storage service to be used. Only support - MinIO now. enum: - MinIO type: string minIOSpec: - description: inCLuster options. properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -7873,25 +4653,17 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array mc: - description: MinIOClientSpec the spec for the mc properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -7899,26 +4671,17 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the - same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic type: array type: object redirect: - description: Determine if the redirection of minio storage - is disabled. properties: enable: default: true - description: Default is true type: boolean expose: properties: @@ -7930,7 +4693,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -7953,31 +4715,15 @@ spec: - enable type: object replicas: - description: Supply number of replicas. For standalone mode, - supply 1. For distributed mode, supply 4 to 16 drives (should - be even). Note that the operator does not support upgrading - from standalone to distributed mode. format: int32 minimum: 1 type: integer resources: - description: If provided, use these requests and limit for - cpu/memory resource allocation properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -7993,8 +4739,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8003,76 +4747,32 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object secretRef: - description: Reference to the secret containing the MinIO - access key and secret key. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string volumeClaimTemplate: - description: VolumeClaimTemplate allows a user to specify - how volumes inside a MinIOInstance properties: apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' type: object spec: - description: 'spec defines the desired characteristics - of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the desired access - modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used to specify - either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) If the - provisioner or an external controller can support - the specified data source, it will create a new - volume based on the contents of the specified data - source. When the AnyVolumeDataSource feature gate - is enabled, dataSource contents will be copied to - dataSourceRef, and dataSourceRef contents will be - copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace is specified, - then dataSourceRef will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API group. - For any other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource being - referenced type: string name: - description: Name is the name of resource being - referenced type: string required: - kind @@ -8080,89 +4780,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the object from - which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a - non-empty API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume binding - will only succeed if the type of the specified object - matches some installed volume populator or dynamic - provisioner. This field will replace the functionality - of the dataSource field and as such if both fields - are non-empty, they must have the same value. For - backwards compatibility, when namespace isn''t specified - in dataSourceRef, both fields (dataSource and dataSourceRef) - will be set to the same value automatically if one - of them is empty and the other is non-empty. When - namespace is specified in dataSourceRef, dataSource - isn''t set to the same value and must be empty. - There are three important differences between dataSource - and dataSourceRef: * While dataSource only allows - two specific types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves all values, - and generates an error if a disallowed value is - specified. * While dataSource only allows local - objects, dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using the namespace - field of dataSourceRef requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API group. - For any other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource being - referenced type: string name: - description: Name is the name of resource being - referenced type: string namespace: - description: Namespace is the namespace of resource - being referenced Note that when a namespace - is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept the - reference. See the ReferenceGrant documentation - for details. (Alpha) This field requires the - CrossNamespaceVolumeDataSource feature gate - to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum resources - the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify - resource requirements that are lower than previous - value but must still be higher than capacity recorded - in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used - by this container. \n This is an alpha field - and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of - one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes - that resource available inside a container. type: string required: - name @@ -8178,8 +4814,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8188,43 +4822,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over volumes - to consider for binding. properties: matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. items: - description: A label selector requirement is - a selector that contains values, a key, and - an operator that relates the key and values. properties: key: - description: key is the label key that the - selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If - the operator is Exists or DoesNotExist, - the values array must be empty. This array - is replaced during a strategic merge patch. items: type: string type: array @@ -8236,38 +4845,19 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". - The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name of the - StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type of volume - is required by the claim. Value of Filesystem is - implied when not included in claim spec. type: string volumeName: - description: volumeName is the binding reference to - the PersistentVolume backing this claim. type: string type: object status: - description: 'status represents the current information/status - of a persistent volume claim. Read-only. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the actual access - modes the volume backing the PVC has. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array @@ -8278,20 +4868,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage resource - within AllocatedResources tracks the capacity allocated - to a PVC. It may be larger than the actual capacity - when a volume expansion operation is requested. - For storage quota, the larger value from allocatedResources - and PVC.spec.resources is used. If allocatedResources - is not set, PVC.spec.resources alone is used for - quota calculation. If a volume expansion capacity - request is lowered, allocatedResources is only lowered - if there are no expansion operations in progress - and if the actual volume capacity is equal or lower - than the requested capacity. This is an alpha field - and requires enabling RecoverVolumeExpansionFailure - feature. type: object capacity: additionalProperties: @@ -8300,46 +4876,23 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: capacity represents the actual resources - of the underlying volume. type: object conditions: - description: conditions is the current Condition of - persistent volume claim. If underlying persistent - volume is being resized then the Condition will - be set to 'ResizeStarted'. items: - description: PersistentVolumeClaimCondition contails - details about state of pvc properties: lastProbeTime: - description: lastProbeTime is the time we probed - the condition. format: date-time type: string lastTransitionTime: - description: lastTransitionTime is the time - the condition transitioned from one status - to another. format: date-time type: string message: - description: message is the human-readable message - indicating details about last transition. type: string reason: - description: reason is a unique, this should - be a short, machine understandable string - that gives the reason for condition's last - transition. If it reports "ResizeStarted" - that means the underlying persistent volume - is being resized. type: string status: type: string type: - description: PersistentVolumeClaimConditionType - is a valid value of PersistentVolumeClaimCondition.Type type: string required: - status @@ -8347,22 +4900,12 @@ spec: type: object type: array phase: - description: phase represents the current phase of - PersistentVolumeClaim. type: string resizeStatus: - description: resizeStatus stores status of resize - operation. ResizeStatus is not set by default but - when expansion is complete resizeStatus is set to - empty string by resize controller or kubelet. This - is an alpha field and requires enabling RecoverVolumeExpansionFailure - feature. type: string type: object type: object volumesPerServer: - description: Number of persistent volumes that will be attached - per server format: int32 minimum: 1 type: integer @@ -8387,10 +4930,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -8398,12 +4939,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -8411,35 +4948,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -8455,8 +4974,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8465,20 +4982,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -8486,43 +4996,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -8534,7 +5019,6 @@ spec: type: object logLevel: default: info - description: HarborLogLevel is the log level for Harbor. enum: - debug - info @@ -8546,15 +5030,12 @@ spec: properties: migrationEnabled: default: true - description: Inject migration configuration to notary resources type: boolean server: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -8562,13 +5043,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -8576,36 +5052,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -8621,8 +5078,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8631,21 +5086,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -8653,44 +5100,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -8698,10 +5119,8 @@ spec: signer: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -8709,13 +5128,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -8723,36 +5137,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -8768,8 +5163,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8778,21 +5171,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -8800,44 +5185,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -8846,10 +5205,8 @@ spec: portal: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -8857,12 +5214,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -8870,35 +5223,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -8914,8 +5249,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8924,20 +5257,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -8945,43 +5271,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -9013,31 +5314,22 @@ spec: type: array type: object redis: - description: Skip OpenAPI schema validation Use validating webhook - to do verification (field required) properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -9049,10 +5341,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -9060,12 +5350,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -9077,12 +5363,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -9090,38 +5374,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object relativeURLs: default: true type: boolean replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -9137,8 +5403,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -9147,15 +5411,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storageMiddlewares: items: @@ -9172,7 +5430,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -9180,43 +5437,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -9224,10 +5456,8 @@ spec: registryctl: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -9235,12 +5465,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -9248,35 +5474,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -9292,8 +5500,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -9302,20 +5508,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -9323,43 +5522,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -9371,14 +5545,10 @@ spec: type: string type: array githubTokenRef: - description: The name of the secret containing the token to connect - to GitHub API. type: string image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -9386,12 +5556,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -9399,35 +5565,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -9443,8 +5591,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -9453,57 +5599,33 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string skipUpdate: default: false - description: The flag to enable or disable Trivy DB downloads - from GitHub type: boolean storage: properties: cachePersistentVolume: - description: CachePersistentVolume specify the persistent - volume used to store Trivy cache. If empty, empty dir will - be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object reportsPersistentVolume: - description: ReportsPersistentVolume specify the persistent - volume used to store Trivy reports. If empty, empty dir - will be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -9512,7 +5634,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -9520,43 +5641,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -9567,7 +5663,6 @@ spec: default: RollingUpdate type: string version: - description: The version of the harbor, eg 2.1.2 pattern: '[0-9]+\.[0-9]+\.[0-9]+' type: string required: @@ -9577,33 +5672,20 @@ spec: - version type: object status: - description: HarborClusterStatus defines the observed state of HarborCluster. properties: conditions: - description: Conditions of each components items: - description: HarborClusterCondition contains details for the current - condition of this pod. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. format: date-time type: string message: - description: Human-readable message indicating details about - last transition. type: string reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. type: string status: - description: Status is the status of the condition. Can be True, - False, Unknown. type: string type: - description: Type is the type of the condition. type: string required: - status @@ -9614,8 +5696,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -9628,14 +5708,9 @@ spec: type: string type: object revision: - description: Revision of the status Use unix nano format: int64 type: integer status: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file Status indicates the overall status of the Harbor cluster - Status can be "unknown", "creating", "healthy" and "unhealthy"' type: string required: - revision @@ -9668,60 +5743,41 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: HarborCluster is the Schema for the harborclusters API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: HarborClusterSpec defines the desired state of HarborCluster. properties: cache: - description: Cache configuration for in-cluster cache services properties: kind: - description: Set the kind of cache service to be used. Only support - Redis now. enum: - Redis - RedisFailover type: string spec: - description: RedisSpec is the specification of redis. properties: redis: properties: certificateRef: - description: Secret containing the client certificate - to authenticate with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when - connecting to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -9729,10 +5785,8 @@ spec: redisFailover: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -9740,14 +5794,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the - same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -9755,43 +5803,22 @@ spec: operatorVersion: type: string sentinel: - description: Sentinel is the configuration of the redis - sentinel. properties: replicas: default: 1 - description: Replicas is the instance number of redis - sentinel. type: integer type: object server: - description: Server is the configuration of the redis - server. properties: replicas: default: 1 - description: Replicas is the instance number of redis - server. type: integer resources: - description: Resources is the resources requests and - limits for redis. properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used - by this container. \n This is an alpha field - and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of - one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes - that resource available inside a container. type: string required: - name @@ -9807,8 +5834,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -9817,12 +5842,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: @@ -9830,11 +5849,8 @@ spec: name of the redis server. type: string storage: - description: Storage is the size of the redis storage. type: string storageClassName: - description: StorageClassName is the storage class - name of the redis storage. type: string type: object required: @@ -9849,18 +5865,14 @@ spec: properties: absoluteUrl: default: false - description: Harbor defaults ChartMuseum to returning relative - urls, if you want using absolute url you should enable it type: boolean certificateRefs: items: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -9868,12 +5880,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -9881,35 +5889,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -9925,8 +5915,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -9935,20 +5923,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -9956,43 +5937,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -10004,10 +5960,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -10015,12 +5969,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -10042,12 +5992,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -10055,35 +6003,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -10099,8 +6029,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -10109,20 +6037,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -10130,59 +6051,29 @@ spec: description: Custom Labels to be added into the pods type: object tokenIssuer: - description: ObjectReference is a reference to an object with - a given name, kind and group. properties: group: - description: Group of the resource being referred to. type: string kind: - description: Kind of the resource being referred to. type: string name: - description: Name of the resource being referred to. type: string required: - name type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -10190,11 +6081,8 @@ spec: - tokenIssuer type: object database: - description: Database configuration for in-cluster database service properties: kind: - description: Set the kind of which database service to be used, - Only support PostgreSQL now. enum: - PostgreSQL - Zlando/PostgreSQL @@ -10207,18 +6095,9 @@ spec: items: properties: host: - description: Name of host to connect to. If a host - name begins with a slash, it specifies Unix-domain - communication rather than TCP/IP communication; - the value is the name of the directory in which - the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server - host, or socket file name extension for Unix-domain - connections. Zero, specifies the default port - number established when PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -10229,16 +6108,11 @@ spec: minItems: 1 type: array passwordRef: - description: Secret containing the password to be used - if the server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: type: string sslMode: - description: PostgreSQL has native support for using SSL - connections to encrypt client/server communications - for increased security. enum: - disable - allow @@ -10248,24 +6122,18 @@ spec: - verify-full type: string username: - description: PostgreSQL user name to connect as. Defaults - to be the same as the operating system name of the user - running the application. minLength: 1 type: string required: - hosts type: object zlandoPostgreSql: - description: ZlandoPostgreSQL properties: connectTimeout: type: integer image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -10273,14 +6141,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the - same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -10290,24 +6152,11 @@ spec: replicas: type: integer resources: - description: ResourceRequirements describes the compute - resource requirements. properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used by - this container. \n This is an alpha field and requires - enabling the DynamicResourceAllocation feature gate. - \n This field is immutable." items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -10323,8 +6172,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -10333,11 +6180,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object sslConfig: @@ -10360,22 +6202,16 @@ spec: properties: cleanInterval: default: 4h - description: The interval to clean the cache info from the - database and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string duration: default: 30s - description: The duration to cache info from the database - and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -10383,12 +6219,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -10396,46 +6228,26 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object path: default: /metrics - description: The metrics path of the exporter. pattern: /.+ type: string port: default: 8001 - description: The port of the exporter. format: int32 minimum: 1 type: integer replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -10451,8 +6263,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -10461,20 +6271,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -10482,43 +6285,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -10535,7 +6313,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -10557,8 +6334,6 @@ spec: type: object type: object notary: - description: The ingress of the notary, required when notary component - enabled. properties: ingress: properties: @@ -10568,7 +6343,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -10601,7 +6375,6 @@ spec: imageSource: properties: imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -10609,23 +6382,15 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array repository: - description: The default repository for the images of the components. - eg docker.io/goharbor/ type: string tagSuffix: - description: The tag suffix for the images of the images of the - components. eg '-patch1' type: string type: object internalTLS: @@ -10641,10 +6406,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -10652,12 +6415,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -10669,12 +6428,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -10682,35 +6439,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -10726,8 +6465,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -10736,33 +6473,19 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: scanDataExportsPersistentVolume: - description: ScanDataExportsPersistentVolume specify the persistent - volume used to store data exports. If empty, empty dir will - be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -10771,7 +6494,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -10779,43 +6501,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -10827,7 +6524,6 @@ spec: type: object logLevel: default: info - description: HarborLogLevel is the log level for Harbor. enum: - debug - info @@ -10836,13 +6532,9 @@ spec: - fatal type: string network: - description: Network settings for the harbor properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object @@ -10850,15 +6542,12 @@ spec: properties: migrationEnabled: default: true - description: Inject migration configuration to notary resources type: boolean server: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -10866,13 +6555,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -10880,36 +6564,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -10925,8 +6590,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -10935,21 +6598,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -10957,44 +6612,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -11002,10 +6631,8 @@ spec: signer: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -11013,13 +6640,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -11027,36 +6649,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -11072,8 +6675,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -11082,21 +6683,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -11104,44 +6697,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -11150,10 +6717,8 @@ spec: portal: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -11161,12 +6726,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -11174,35 +6735,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -11218,8 +6761,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -11228,20 +6769,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -11249,43 +6783,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -11323,10 +6832,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -11334,12 +6841,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -11351,12 +6854,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -11364,38 +6865,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object relativeURLs: default: true type: boolean replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -11411,8 +6894,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -11421,15 +6902,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storageMiddlewares: items: @@ -11446,7 +6921,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -11454,43 +6928,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -11498,10 +6947,8 @@ spec: registryctl: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -11509,12 +6956,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -11522,35 +6965,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -11566,8 +6991,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -11576,20 +6999,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -11597,53 +7013,25 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array type: object storage: - description: Storage configuration for in-cluster storage service properties: kind: - description: Kind of which storage service to be used. Only support - MinIO now. enum: - MinIO - S3 @@ -11654,7 +7042,6 @@ spec: - Oss type: string spec: - description: the spec of Storage. properties: azure: properties: @@ -11676,15 +7063,10 @@ spec: chartPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -11692,9 +7074,6 @@ spec: registryPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string maxthreads: default: 100 @@ -11704,8 +7083,6 @@ spec: prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -11716,25 +7093,19 @@ spec: gcs: properties: bucket: - description: bucket to store charts for Gcs storage type: string chunkSize: type: string keyDataRef: - description: The base64 encoded json file which contains - the key type: string pathPrefix: type: string type: object minIO: - description: inCluster options. properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -11742,26 +7113,17 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the - same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic type: array mc: - description: MinIOClientSpec the spec for the mc properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -11769,15 +7131,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough - information to let you locate the referenced object - inside the same namespace. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -11785,15 +7140,11 @@ spec: type: object operatorVersion: default: 4.0.6 - description: the version of minIO operator type: string redirect: - description: deprecated Determine if the redirection of - minio storage is disabled. properties: enable: default: true - description: Default is true type: boolean expose: properties: @@ -11805,7 +7156,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -11830,33 +7180,15 @@ spec: - enable type: object replicas: - description: Supply number of replicas. For standalone - mode, supply 1. For distributed mode, supply 4 to 16 - drives (should be even). Note that the operator does - not support upgrading from standalone to distributed - mode. format: int32 minimum: 1 type: integer resources: - description: If provided, use these requests and limit - for cpu/memory resource allocation properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used by - this container. \n This is an alpha field and requires - enabling the DynamicResourceAllocation feature gate. - \n This field is immutable." items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -11872,8 +7204,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -11882,81 +7212,32 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object secretRef: - description: Reference to the secret containing the MinIO - access key and secret key. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string volumeClaimTemplate: - description: VolumeClaimTemplate allows a user to specify - how volumes inside a MinIOInstance properties: apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' type: object spec: - description: 'spec defines the desired characteristics - of a volume requested by a pod author. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used to - specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) If - the provisioner or an external controller can - support the specified data source, it will create - a new volume based on the contents of the specified - data source. When the AnyVolumeDataSource feature - gate is enabled, dataSource contents will be - copied to dataSourceRef, and dataSourceRef contents - will be copied to dataSource when dataSourceRef.namespace - is not specified. If the namespace is specified, - then dataSourceRef will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for the - resource being referenced. If APIGroup is - not specified, the specified Kind must be - in the core API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -11964,94 +7245,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the object - from which to populate the volume with data, - if a non-empty volume is desired. This may be - any object from a non-empty API group (non core - object) or a PersistentVolumeClaim object. When - this field is specified, volume binding will - only succeed if the type of the specified object - matches some installed volume populator or dynamic - provisioner. This field will replace the functionality - of the dataSource field and as such if both - fields are non-empty, they must have the same - value. For backwards compatibility, when namespace - isn''t specified in dataSourceRef, both fields - (dataSource and dataSourceRef) will be set to - the same value automatically if one of them - is empty and the other is non-empty. When namespace - is specified in dataSourceRef, dataSource isn''t - set to the same value and must be empty. There - are three important differences between dataSource - and dataSourceRef: * While dataSource only allows - two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed - values (dropping them), dataSourceRef preserves - all values, and generates an error if a disallowed - value is specified. * While dataSource only - allows local objects, dataSourceRef allows objects - in any namespaces. (Beta) Using this field requires - the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for the - resource being referenced. If APIGroup is - not specified, the specified Kind must be - in the core API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace of - resource being referenced Note that when - a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant documentation - for details. (Alpha) This field requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to specify - resource requirements that are lower than previous - value but must still be higher than capacity - recorded in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are - used by this container. \n This is an alpha - field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one - entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name - of one entry in pod.spec.resourceClaims - of the Pod where this field is used. - It makes that resource available inside - a container. type: string required: - name @@ -12067,9 +7279,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -12078,46 +7287,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. If - Requests is omitted for a container, it - defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over volumes - to consider for binding. properties: matchExpressions: - description: matchExpressions is a list of - label selector requirements. The requirements - are ANDed. items: - description: A label selector requirement - is a selector that contains values, a - key, and an operator that relates the - key and values. properties: key: - description: key is the label key that - the selector applies to. type: string operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. type: string values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -12129,39 +7310,19 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only - "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name of - the StorageClass required by the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type of volume - is required by the claim. Value of Filesystem - is implied when not included in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object status: - description: 'status represents the current information/status - of a persistent volume claim. Read-only. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: accessModes: - description: 'accessModes contains the actual - access modes the volume backing the PVC has. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array @@ -12172,20 +7333,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: allocatedResources is the storage - resource within AllocatedResources tracks the - capacity allocated to a PVC. It may be larger - than the actual capacity when a volume expansion - operation is requested. For storage quota, the - larger value from allocatedResources and PVC.spec.resources - is used. If allocatedResources is not set, PVC.spec.resources - alone is used for quota calculation. If a volume - expansion capacity request is lowered, allocatedResources - is only lowered if there are no expansion operations - in progress and if the actual volume capacity - is equal or lower than the requested capacity. - This is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature. type: object capacity: additionalProperties: @@ -12194,47 +7341,23 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: capacity represents the actual resources - of the underlying volume. type: object conditions: - description: conditions is the current Condition - of persistent volume claim. If underlying persistent - volume is being resized then the Condition will - be set to 'ResizeStarted'. items: - description: PersistentVolumeClaimCondition - contails details about state of pvc properties: lastProbeTime: - description: lastProbeTime is the time we - probed the condition. format: date-time type: string lastTransitionTime: - description: lastTransitionTime is the time - the condition transitioned from one status - to another. format: date-time type: string message: - description: message is the human-readable - message indicating details about last - transition. type: string reason: - description: reason is a unique, this should - be a short, machine understandable string - that gives the reason for condition's - last transition. If it reports "ResizeStarted" - that means the underlying persistent volume - is being resized. type: string status: type: string type: - description: PersistentVolumeClaimConditionType - is a valid value of PersistentVolumeClaimCondition.Type type: string required: - status @@ -12242,22 +7365,12 @@ spec: type: object type: array phase: - description: phase represents the current phase - of PersistentVolumeClaim. type: string resizeStatus: - description: resizeStatus stores status of resize - operation. ResizeStatus is not set by default - but when expansion is complete resizeStatus - is set to empty string by resize controller - or kubelet. This is an alpha field and requires - enabling RecoverVolumeExpansionFailure feature. type: string type: object type: object volumesPerServer: - description: Number of persistent volumes that will be - attached per server format: int32 minimum: 1 type: integer @@ -12275,15 +7388,11 @@ spec: bucket: type: string chunksize: - description: The Oss API requires multipart upload chunks - to be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the - image in encrypted format or not. A boolean value. type: boolean endpoint: type: string @@ -12305,12 +7414,9 @@ spec: - region type: object redirect: - description: Determine if the redirection of minio storage - is disabled. properties: enable: default: true - description: Default is true type: boolean expose: properties: @@ -12322,7 +7428,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -12349,30 +7454,20 @@ spec: s3: properties: accesskey: - description: The AWS Access Key. If you use IAM roles, - omit to fetch temporary credentials from IAM. type: string bucket: - description: The bucket name in which you want to store - the registry’s data. type: string certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string chunksize: - description: The S3 API requires multipart upload chunks - to be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the - image in encrypted format or not. A boolean value. type: boolean keyid: - description: KMS key ID to use for encryption (encrypt - must be true, or this parameter is ignored). type: string multipartcopychunksize: format: int64 @@ -12384,24 +7479,12 @@ spec: format: int64 type: integer region: - description: The AWS region in which your bucket exists. - For the moment, the Go AWS library in use does not use - the newer DNS based bucket routing. For a list of regions, - see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html type: string regionendpoint: - description: Endpoint for S3 compatible storage services - (Minio, etc). type: string rootdirectory: - description: This is a prefix that is applied to all S3 - keys to allow you to segment data in your bucket if - necessary. type: string secretkeyRef: - description: Reference to the secret containing the AWS - Secret Key. If you use IAM roles, omit to fetch temporary - credentials from IAM. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string secure: @@ -12409,18 +7492,12 @@ spec: type: boolean skipverify: default: false - description: Skips TLS verification when the value is - set to true. type: boolean storageclass: default: STANDARD - description: The S3 storage class applied to each registry - file. type: string v4auth: default: true - description: Indicates whether the registry uses Version - 4 of AWS’s authentication. type: boolean required: - bucket @@ -12429,42 +7506,23 @@ spec: swift: properties: accesskey: - description: The access key to generate temporary URLs. - It is used by HP Cloud Object Storage in addition to - the secretkey parameter. type: string authurl: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string authversion: - description: Specify the OpenStack Auth’s version, for - example 3. By default the driver autodetects the auth’s - version from the authurl. type: string chunksize: - description: Size of the data segments for the Swift Dynamic - Large Objects. This value should be a number. format: int64 minimum: 5242880 type: integer container: - description: The name of your Swift container where you - wish to store the registry’s data. The driver creates - the named container during its initialization. type: string domain: - description: Your Openstack domain name for Identity v3 - API. You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 - API. You can either use domain or domainid. type: string endpointtype: default: public - description: The endpoint type used when connecting to - swift. enum: - public - internal @@ -12472,40 +7530,24 @@ spec: type: string insecureskipverify: default: false - description: Skips TLS verification if the value is set - to true. type: boolean passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: This is a prefix that is applied to all Swift - keys to allow you to segment data in your container - if necessary. Defaults to the container’s root. type: string region: - description: The Openstack region in which your container - exists. type: string secretkeyRef: - description: The secret key used to generate temporary - URLs. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tenant: - description: Your Openstack tenant name. You can either - use tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either - use tenant or tenantid. type: string trustid: - description: Your Openstack trust ID for Identity v3 API. type: string username: - description: The Openstack user name. type: string required: - authurl @@ -12517,46 +7559,35 @@ spec: - spec type: object trace: - description: Trace settings for the harbor properties: attributes: additionalProperties: type: string - description: A key value dict contains user defined attributes - used to initialize trace provider. type: object enabled: default: false - description: Enable tracing or not. type: boolean jaeger: properties: agent: properties: host: - description: The host of the jaeger agent. type: string port: - description: The port of the jaeger agent. type: integer type: object collector: properties: endpoint: - description: The endpoint of the jaeger collector. type: string passwordRef: - description: The password secret reference name of the - jaeger collector. type: string username: - description: The username of the jaeger collector. type: string required: - endpoint type: object mode: - description: 'The jaeger mode: ''collector'' or ''agent''.' enum: - collector - agent @@ -12565,43 +7596,31 @@ spec: - mode type: object namespace: - description: Namespace used to differentiate different harbor - services. type: string otel: properties: compression: - description: Whether enable compression or not for otel. type: boolean endpoint: - description: The endpoint of otel. type: string insecure: - description: Whether establish insecure connection or not - for otel. type: boolean timeout: default: 10s - description: The timeout of otel. type: string urlPath: - description: The URL path of otel. type: string required: - endpoint - urlPath type: object provider: - description: 'The tracing provider: ''jaeger'' or ''otel''.' enum: - jaeger - otel type: string sampleRate: default: 1 - description: Set `sampleRate` to 1 if you wanna sampling 100% - of trace data; set 0.5 if you wanna sampling 50% of trace data, - and so forth. type: integer required: - provider @@ -12613,14 +7632,10 @@ spec: type: string type: array githubTokenRef: - description: The name of the secret containing the token to connect - to GitHub API. type: string image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -12628,12 +7643,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -12641,42 +7652,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object offlineScan: default: false - description: Option prevents Trivy from sending API requests to - identify dependencies. This option doesn’t affect DB download. - You need to specify "skip-update" as well as "offline-scan" - in an air-gapped environment. type: boolean replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -12692,8 +7681,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -12702,57 +7689,33 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string skipUpdate: default: false - description: The flag to enable or disable Trivy DB downloads - from GitHub type: boolean storage: properties: cachePersistentVolume: - description: CachePersistentVolume specify the persistent - volume used to store Trivy cache. If empty, empty dir will - be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object reportsPersistentVolume: - description: ReportsPersistentVolume specify the persistent - volume used to store Trivy reports. If empty, empty dir - will be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -12761,7 +7724,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -12769,43 +7731,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -12816,7 +7753,6 @@ spec: default: RollingUpdate type: string version: - description: The version of the harbor, eg 2.1.2 pattern: '[0-9]+\.[0-9]+\.[0-9]+' type: string required: @@ -12829,33 +7765,20 @@ spec: - version type: object status: - description: HarborClusterStatus defines the observed state of HarborCluster. properties: conditions: - description: Conditions of each components items: - description: HarborClusterCondition contains details for the current - condition of this pod. properties: lastTransitionTime: - description: Last time the condition transitioned from one status - to another. format: date-time type: string message: - description: Human-readable message indicating details about - last transition. type: string reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. type: string status: - description: Status is the status of the condition. Can be True, - False, Unknown. type: string type: - description: Type is the type of the condition. type: string required: - status @@ -12866,8 +7789,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -12880,14 +7801,9 @@ spec: type: string type: object revision: - description: Revision of the status Use unix nano format: int64 type: integer status: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file Status indicates the overall status of the Harbor cluster - Status can be "unknown", "creating", "healthy" and "unhealthy"' type: string required: - revision @@ -12903,11 +7819,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 - creationTimestamp: null name: harborconfigurations.goharbor.io spec: group: goharbor.io @@ -12941,424 +7856,259 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: HarborConfiguration is the Schema for the harbors configuration. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: HarborConfigurationSpec defines the spec of HarborConfiguration. properties: configuration: - description: Configuration defines the harbor configuration types. properties: authMode: - description: The auth mode of current system, such as "db_auth", - "ldap_auth", "oidc_auth". type: string emailFrom: - description: The sender name for Email notification. type: string emailHost: - description: The hostname of SMTP server that sends Email notification. type: string emailIdentity: - description: By default it's empty so the email_username is picked type: string emailInsecure: - description: Whether or not the certificate will be verified when - Harbor tries to access the email server. type: boolean emailPassword: - description: Email password. type: string emailPort: - description: The port of SMTP server. type: integer emailSsl: - description: When it''s set to true the system will access Email - server via TLS by default. If it''s set to false, it still - will handle "STARTTLS" from server side. type: boolean emailUsername: - description: The username for authenticate against SMTP server. type: string httpAuthproxyAdminGroups: - description: The group which has the harbor admin privileges. type: string httpAuthproxyAdminUsernames: - description: The username which has the harbor admin privileges. type: string httpAuthproxyEndpoint: - description: The endpoint of the HTTP auth. type: string httpAuthproxyServerCertificate: - description: The certificate of the HTTP auth provider. type: boolean httpAuthproxySkipSearch: - description: Search user before onboard. type: boolean httpAuthproxyTokenreviewEndpoint: - description: The token review endpoint. type: string httpAuthproxyVerifyCert: - description: Verify the HTTP auth provider's certificate. type: boolean ldapBaseDn: - description: The Base DN for LDAP binding. type: string ldapFilter: - description: The filter for LDAP search. type: string ldapGroupAdminDn: - description: Specify the ldap group which have the same privilege - with Harbor admin. type: string ldapGroupAttributeName: - description: The attribute which is used as identity of the LDAP - group, default is cn. type: string ldapGroupBaseDn: - description: The base DN to search LDAP group. type: string ldapGroupMembershipAttribute: - description: The user attribute to identify the group membership. type: string ldapGroupSearchFilter: - description: The filter to search the ldap group. type: string ldapGroupSearchScope: - description: The scope to search ldap group. ''0-LDAP_SCOPE_BASE, - 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE''. type: integer ldapScope: - description: The scope to search ldap users,'0-LDAP_SCOPE_BASE, - 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'. type: integer ldapSearchDn: - description: The DN of the user to do the search. type: string ldapSearchPassword: - description: The password ref of the ldap search dn. type: string ldapTimeout: - description: Timeout in seconds for connection to LDAP server. type: integer ldapUid: - description: The attribute which is used as identity for the LDAP - binding, such as "CN" or "SAMAccountname". type: string ldapUrl: - description: The URL of LDAP server. type: string ldapVerifyCert: - description: Whether verify your OIDC server certificate, disable - it if your OIDC server is hosted via self-hosted certificate. type: boolean notificationEnable: - description: Enable notification. type: boolean oidcAdminGroup: - description: The OIDC group which has the harbor admin privileges. type: string oidcAutoOnboard: - description: Auto onboard the OIDC user. type: boolean oidcClientId: - description: The client ID of the OIDC provider. type: string oidcClientSecret: - description: The OIDC provider secret. type: string oidcEndpoint: - description: The endpoint of the OIDC provider. type: string oidcExtraRedirectParms: - description: Extra parameters to add when redirect request to - OIDC provider. type: string oidcGroupsClaim: - description: The attribute claims the group name. type: string oidcName: - description: The OIDC provider name. type: string oidcScope: - description: The scope of the OIDC provider. type: string oidcUserClaim: - description: The attribute claims the username. type: string oidcVerifyCert: - description: Verify the OIDC provider's certificate'. type: boolean projectCreationRestriction: - description: Indicate who can create projects, it could be ''adminonly'' - or ''everyone''. type: string quotaPerProjectEnable: - description: Enable quota per project. type: boolean readOnly: - description: The flag to indicate whether Harbor is in readonly - mode. type: boolean robotNamePrefix: - description: The rebot account name prefix. type: string robotTokenDuration: - description: The robot account token duration in days. type: integer selfRegistration: - description: Whether the Harbor instance supports self-registration. If - it''s set to false, admin need to add user to the instance. type: boolean storagePerProject: - description: The storage quota per project. type: integer tokenExpiration: - description: The expiration time of the token for internal Registry, - in minutes. type: integer uaaClientId: - description: The client id of UAA. type: string uaaClientSecret: - description: The client secret of the UAA. type: string uaaEndpoint: - description: The endpoint of the UAA. type: string uaaVerifyCert: - description: Verify the certificate in UAA server. type: boolean type: object harborClusterRef: - description: HarborClusterRef defines the reference of the harbor - cluster name. type: string type: object status: - description: HarborConfigurationStatus defines the status of HarborConfiguration. properties: lastApplyTime: - description: LastApplyTime represents the last apply configuration - time. format: date-time type: string lastConfiguration: - description: LastConfiguration represents the configuration of last - time. properties: configuration: - description: Configuration defines the harbor configuration types. properties: authMode: - description: The auth mode of current system, such as "db_auth", - "ldap_auth", "oidc_auth". type: string emailFrom: - description: The sender name for Email notification. type: string emailHost: - description: The hostname of SMTP server that sends Email - notification. type: string emailIdentity: - description: By default it's empty so the email_username is - picked type: string emailInsecure: - description: Whether or not the certificate will be verified - when Harbor tries to access the email server. type: boolean emailPassword: - description: Email password. type: string emailPort: - description: The port of SMTP server. type: integer emailSsl: - description: When it''s set to true the system will access - Email server via TLS by default. If it''s set to false, - it still will handle "STARTTLS" from server side. type: boolean emailUsername: - description: The username for authenticate against SMTP server. type: string httpAuthproxyAdminGroups: - description: The group which has the harbor admin privileges. type: string httpAuthproxyAdminUsernames: - description: The username which has the harbor admin privileges. type: string httpAuthproxyEndpoint: - description: The endpoint of the HTTP auth. type: string httpAuthproxyServerCertificate: - description: The certificate of the HTTP auth provider. type: boolean httpAuthproxySkipSearch: - description: Search user before onboard. type: boolean httpAuthproxyTokenreviewEndpoint: - description: The token review endpoint. type: string httpAuthproxyVerifyCert: - description: Verify the HTTP auth provider's certificate. type: boolean ldapBaseDn: - description: The Base DN for LDAP binding. type: string ldapFilter: - description: The filter for LDAP search. type: string ldapGroupAdminDn: - description: Specify the ldap group which have the same privilege - with Harbor admin. type: string ldapGroupAttributeName: - description: The attribute which is used as identity of the - LDAP group, default is cn. type: string ldapGroupBaseDn: - description: The base DN to search LDAP group. type: string ldapGroupMembershipAttribute: - description: The user attribute to identify the group membership. type: string ldapGroupSearchFilter: - description: The filter to search the ldap group. type: string ldapGroupSearchScope: - description: The scope to search ldap group. ''0-LDAP_SCOPE_BASE, - 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE''. type: integer ldapScope: - description: The scope to search ldap users,'0-LDAP_SCOPE_BASE, - 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE'. type: integer ldapSearchDn: - description: The DN of the user to do the search. type: string ldapSearchPassword: - description: The password ref of the ldap search dn. type: string ldapTimeout: - description: Timeout in seconds for connection to LDAP server. type: integer ldapUid: - description: The attribute which is used as identity for the - LDAP binding, such as "CN" or "SAMAccountname". type: string ldapUrl: - description: The URL of LDAP server. type: string ldapVerifyCert: - description: Whether verify your OIDC server certificate, - disable it if your OIDC server is hosted via self-hosted - certificate. type: boolean notificationEnable: - description: Enable notification. type: boolean oidcAdminGroup: - description: The OIDC group which has the harbor admin privileges. type: string oidcAutoOnboard: - description: Auto onboard the OIDC user. type: boolean oidcClientId: - description: The client ID of the OIDC provider. type: string oidcClientSecret: - description: The OIDC provider secret. type: string oidcEndpoint: - description: The endpoint of the OIDC provider. type: string oidcExtraRedirectParms: - description: Extra parameters to add when redirect request - to OIDC provider. type: string oidcGroupsClaim: - description: The attribute claims the group name. type: string oidcName: - description: The OIDC provider name. type: string oidcScope: - description: The scope of the OIDC provider. type: string oidcUserClaim: - description: The attribute claims the username. type: string oidcVerifyCert: - description: Verify the OIDC provider's certificate'. type: boolean projectCreationRestriction: - description: Indicate who can create projects, it could be - ''adminonly'' or ''everyone''. type: string quotaPerProjectEnable: - description: Enable quota per project. type: boolean readOnly: - description: The flag to indicate whether Harbor is in readonly - mode. type: boolean robotNamePrefix: - description: The rebot account name prefix. type: string robotTokenDuration: - description: The robot account token duration in days. type: integer selfRegistration: - description: Whether the Harbor instance supports self-registration. If - it''s set to false, admin need to add user to the instance. type: boolean storagePerProject: - description: The storage quota per project. type: integer tokenExpiration: - description: The expiration time of the token for internal - Registry, in minutes. type: integer uaaClientId: - description: The client id of UAA. type: string uaaClientSecret: - description: The client secret of the UAA. type: string uaaEndpoint: - description: The endpoint of the UAA. type: string uaaVerifyCert: - description: Verify the certificate in UAA server. type: boolean type: object harborClusterRef: - description: HarborClusterRef defines the reference of the harbor - cluster name. type: string type: object message: - description: Message provides human-readable message. type: string reason: - description: Reason represents status reason. type: string status: - description: Status represents harbor configuration status. type: string type: object type: object @@ -13416,14 +8166,8 @@ spec: description: HarborProject is the Schema for the harbors projects. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -13529,8 +8273,6 @@ spec: description: HarborProjectStatus defines the status of HarborProject. properties: lastApplyTime: - description: LastApplyTime represents the last apply configuration - time. format: date-time type: string membershipHash: @@ -13538,7 +8280,6 @@ spec: in project membership. type: string message: - description: Message provides human-readable message. type: string projectID: description: ProjectID represents ID of the managed project. @@ -13550,7 +8291,6 @@ spec: format: int64 type: integer reason: - description: Reason represents status reason. type: string status: description: Status represents harbor project status. @@ -13567,7 +8307,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 @@ -13623,39 +8363,27 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: Harbor is the Schema for the harbors API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: HarborSpec defines the desired state of Harbor. properties: chartmuseum: properties: absoluteUrl: default: false - description: Harbor defaults ChartMuseum to returning relative - urls, if you want using absolute url you should enable it type: boolean certificateRefs: items: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -13663,12 +8391,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -13676,35 +8400,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -13720,8 +8426,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -13730,20 +8434,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -13751,43 +8448,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -13799,10 +8471,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -13810,12 +8480,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -13827,12 +8493,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -13840,35 +8504,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -13884,8 +8530,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -13894,20 +8538,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -13915,82 +8552,42 @@ spec: description: Custom Labels to be added into the pods type: object tokenIssuer: - description: ObjectReference is a reference to an object with - a given name, kind and group. properties: group: - description: Group of the resource being referred to. type: string kind: - description: Kind of the resource being referred to. type: string name: - description: Name of the resource being referred to. type: string required: - name type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array type: object database: - description: Skip OpenAPI schema validation Use validating webhook - to do verification (field required) properties: hosts: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -14001,15 +8598,11 @@ spec: minItems: 1 type: array passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: type: string sslMode: - description: PostgreSQL has native support for using SSL connections - to encrypt client/server communications for increased security. enum: - disable - allow @@ -14019,9 +8612,6 @@ spec: - verify-full type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: @@ -14033,22 +8623,16 @@ spec: properties: cleanInterval: default: 4h - description: The interval to clean the cache info from the - database and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string duration: default: 30s - description: The duration to cache info from the database - and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -14056,12 +8640,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -14069,46 +8649,26 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object path: default: /metrics - description: The metrics path of the exporter. pattern: /.+ type: string port: default: 8001 - description: The port of the exporter. format: int32 minimum: 1 type: integer replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -14124,8 +8684,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -14134,20 +8692,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -14155,43 +8706,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -14208,7 +8734,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -14228,8 +8753,6 @@ spec: type: object type: object notary: - description: The ingress of the notary, required when notary component - enabled. properties: ingress: properties: @@ -14239,7 +8762,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -14268,26 +8790,16 @@ spec: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string imageChartStorage: - description: Skip OpenAPI schema validation Use validating webhook - to do verification (field required) properties: filesystem: - description: 'FileSystem is an implementation of the storagedriver.StorageDriver - interface which uses the local filesystem. The local filesystem - can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/' properties: chartPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -14295,9 +8807,6 @@ spec: registryPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string maxthreads: default: 100 @@ -14307,8 +8816,6 @@ spec: prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -14323,53 +8830,30 @@ spec: type: boolean type: object s3: - description: 'An implementation of the storagedriver.StorageDriver - interface which uses Amazon S3 or S3 compatible services for - object storage. See: https://docs.docker.com/registry/storage-drivers/s3/' properties: accesskey: - description: The AWS Access Key. If you use IAM roles, omit - to fetch temporary credentials from IAM. type: string bucket: - description: The bucket name in which you want to store the - registry’s data. type: string certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string chunksize: - description: The S3 API requires multipart upload chunks to - be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the image - in encrypted format or not. A boolean value. type: boolean keyid: - description: KMS key ID to use for encryption (encrypt must - be true, or this parameter is ignored). type: string region: - description: The AWS region in which your bucket exists. For - the moment, the Go AWS library in use does not use the newer - DNS based bucket routing. For a list of regions, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html type: string regionendpoint: - description: Endpoint for S3 compatible storage services (Minio, - etc). type: string rootdirectory: - description: This is a prefix that is applied to all S3 keys - to allow you to segment data in your bucket if necessary. type: string secretkeyRef: - description: Reference to the secret containing the AWS Secret - Key. If you use IAM roles, omit to fetch temporary credentials - from IAM. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string secure: @@ -14377,64 +8861,37 @@ spec: type: boolean skipverify: default: false - description: Skips TLS verification when the value is set - to true. type: boolean storageclass: default: STANDARD - description: The S3 storage class applied to each registry - file. type: string v4auth: default: true - description: Indicates whether the registry uses Version 4 - of AWS’s authentication. type: boolean required: - bucket - region type: object swift: - description: 'An implementation of the storagedriver.StorageDriver - interface that uses OpenStack Swift for object storage. See: - https://docs.docker.com/registry/storage-drivers/swift/' properties: accesskey: - description: The access key to generate temporary URLs. It - is used by HP Cloud Object Storage in addition to the secretkey - parameter. type: string authurl: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string authversion: - description: Specify the OpenStack Auth’s version, for example - 3. By default the driver autodetects the auth’s version - from the authurl. type: string chunksize: - description: Size of the data segments for the Swift Dynamic - Large Objects. This value should be a number. format: int64 minimum: 5242880 type: integer container: - description: The name of your Swift container where you wish - to store the registry’s data. The driver creates the named - container during its initialization. type: string domain: - description: Your Openstack domain name for Identity v3 API. - You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 API. - You can either use domain or domainid. type: string endpointtype: default: public - description: The endpoint type used when connecting to swift. enum: - public - internal @@ -14442,39 +8899,24 @@ spec: type: string insecureskipverify: default: false - description: Skips TLS verification if the value is set to - true. type: boolean passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: This is a prefix that is applied to all Swift - keys to allow you to segment data in your container if necessary. - Defaults to the container’s root. type: string region: - description: The Openstack region in which your container - exists. type: string secretkeyRef: - description: The secret key used to generate temporary URLs. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tenant: - description: Your Openstack tenant name. You can either use - tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either use - tenant or tenantid. type: string trustid: - description: Your Openstack trust ID for Identity v3 API. type: string username: - description: The Openstack user name. type: string required: - authurl @@ -14484,7 +8926,6 @@ spec: imageSource: properties: imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -14492,23 +8933,15 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array repository: - description: The default repository for the images of the components. - eg docker.io/goharbor/ type: string tagSuffix: - description: The tag suffix for the images of the images of the - components. eg '-patch1' type: string type: object internalTLS: @@ -14524,10 +8957,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -14535,12 +8966,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -14548,35 +8975,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -14592,8 +9001,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -14602,20 +9009,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -14623,43 +9023,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -14671,7 +9046,6 @@ spec: type: object logLevel: default: info - description: HarborLogLevel is the log level for Harbor. enum: - debug - info @@ -14683,15 +9057,12 @@ spec: properties: migrationEnabled: default: true - description: Inject migration configuration to notary resources type: boolean server: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -14699,13 +9070,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -14713,36 +9079,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -14758,8 +9105,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -14768,21 +9113,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -14790,44 +9127,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -14835,10 +9146,8 @@ spec: signer: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -14846,13 +9155,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -14860,36 +9164,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -14905,8 +9190,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -14915,21 +9198,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -14937,44 +9212,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -14983,10 +9232,8 @@ spec: portal: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -14994,12 +9241,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -15007,35 +9250,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -15051,8 +9276,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -15061,20 +9284,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -15082,43 +9298,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -15150,31 +9341,22 @@ spec: type: array type: object redis: - description: Skip OpenAPI schema validation Use validating webhook - to do verification (field required) properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -15186,10 +9368,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -15197,12 +9377,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -15214,12 +9390,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -15227,38 +9401,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object relativeURLs: default: true type: boolean replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -15274,8 +9430,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -15284,15 +9438,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storageMiddlewares: items: @@ -15309,7 +9457,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -15317,43 +9464,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -15361,10 +9483,8 @@ spec: registryctl: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -15372,12 +9492,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -15385,35 +9501,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -15429,8 +9527,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -15439,20 +9535,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -15460,43 +9549,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -15508,14 +9572,10 @@ spec: type: string type: array githubTokenRef: - description: The name of the secret containing the token to connect - to GitHub API. type: string image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -15523,12 +9583,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -15536,35 +9592,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -15580,8 +9618,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -15590,57 +9626,33 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string skipUpdate: default: false - description: The flag to enable or disable Trivy DB downloads - from GitHub type: boolean storage: properties: cachePersistentVolume: - description: CachePersistentVolume specify the persistent - volume used to store Trivy cache. If empty, empty dir will - be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object reportsPersistentVolume: - description: ReportsPersistentVolume specify the persistent - volume used to store Trivy reports. If empty, empty dir - will be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -15649,7 +9661,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -15657,43 +9668,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -15704,7 +9690,6 @@ spec: default: RollingUpdate type: string version: - description: The version of the harbor, eg 2.1.2 pattern: '[0-9]+\.[0-9]+\.[0-9]+' type: string required: @@ -15714,28 +9699,17 @@ spec: - version type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -15746,8 +9720,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -15760,7 +9732,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -15799,39 +9770,27 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: Harbor is the Schema for the harbors API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: HarborSpec defines the desired state of Harbor. properties: chartmuseum: properties: absoluteUrl: default: false - description: Harbor defaults ChartMuseum to returning relative - urls, if you want using absolute url you should enable it type: boolean certificateRefs: items: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -15839,12 +9798,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -15852,35 +9807,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -15896,8 +9833,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -15906,20 +9841,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -15927,43 +9855,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -15975,10 +9878,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -15986,12 +9887,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -16013,12 +9910,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -16026,35 +9921,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -16070,8 +9947,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -16080,20 +9955,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -16101,59 +9969,29 @@ spec: description: Custom Labels to be added into the pods type: object tokenIssuer: - description: ObjectReference is a reference to an object with - a given name, kind and group. properties: group: - description: Group of the resource being referred to. type: string kind: - description: Kind of the resource being referred to. type: string name: - description: Name of the resource being referred to. type: string required: - name type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -16166,17 +10004,9 @@ spec: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the name - of the directory in which the socket file is stored. minLength: 1 type: string port: - description: Port number to connect to at the server host, - or socket file name extension for Unix-domain connections. - Zero, specifies the default port number established when - PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -16187,15 +10017,11 @@ spec: minItems: 1 type: array passwordRef: - description: Secret containing the password to be used if the - server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: type: string sslMode: - description: PostgreSQL has native support for using SSL connections - to encrypt client/server communications for increased security. enum: - disable - allow @@ -16205,9 +10031,6 @@ spec: - verify-full type: string username: - description: PostgreSQL user name to connect as. Defaults to be - the same as the operating system name of the user running the - application. minLength: 1 type: string required: @@ -16219,22 +10042,16 @@ spec: properties: cleanInterval: default: 4h - description: The interval to clean the cache info from the - database and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string duration: default: 30s - description: The duration to cache info from the database - and core. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)? type: string type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -16242,12 +10059,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -16255,46 +10068,26 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object path: default: /metrics - description: The metrics path of the exporter. pattern: /.+ type: string port: default: 8001 - description: The port of the exporter. format: int32 minimum: 1 type: integer replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -16310,8 +10103,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -16320,20 +10111,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -16341,43 +10125,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -16394,7 +10153,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -16416,8 +10174,6 @@ spec: type: object type: object notary: - description: The ingress of the notary, required when notary component - enabled. properties: ingress: properties: @@ -16427,7 +10183,6 @@ spec: type: object controller: default: default - description: Set to the type of ingress controller. enum: - default - gce @@ -16460,9 +10215,6 @@ spec: imageChartStorage: properties: azure: - description: An implementation of the storagedriver.StorageDriver - interface which uses Microsoft Azure Blob Storage for object - storage. See https://docs.docker.com/registry/storage-drivers/azure/ properties: accountkeyRef: type: string @@ -16478,22 +10230,14 @@ spec: type: string type: object filesystem: - description: 'FileSystem is an implementation of the storagedriver.StorageDriver - interface which uses the local filesystem. The local filesystem - can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/' properties: chartPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -16501,9 +10245,6 @@ spec: registryPersistentVolume: properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string maxthreads: default: 100 @@ -16513,8 +10254,6 @@ spec: prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -16523,24 +10262,17 @@ spec: - registryPersistentVolume type: object gcs: - description: An implementation of the storagedriver.StorageDriver - interface which uses Google Cloud for object storage. See https://docs.docker.com/registry/storage-drivers/gcs/ properties: bucket: - description: bucket to store charts for Gcs storage type: string chunkSize: type: string keyDataRef: - description: The base64 encoded json file which contains the - key type: string pathPrefix: type: string type: object oss: - description: An implementation of the storagedriver.StorageDriver - interface which uses Alibaba Cloud for object storage. See https://docs.docker.com/registry/storage-drivers/oss/ properties: accessKeyID: type: string @@ -16549,15 +10281,11 @@ spec: bucket: type: string chunksize: - description: The Oss API requires multipart upload chunks - to be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the image - in encrypted format or not. A boolean value. type: boolean endpoint: type: string @@ -16585,35 +10313,22 @@ spec: type: boolean type: object s3: - description: 'An implementation of the storagedriver.StorageDriver - interface which uses Amazon S3 or S3 compatible services for - object storage. See: https://docs.docker.com/registry/storage-drivers/s3/' properties: accesskey: - description: The AWS Access Key. If you use IAM roles, omit - to fetch temporary credentials from IAM. type: string bucket: - description: The bucket name in which you want to store the - registry’s data. type: string certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string chunksize: - description: The S3 API requires multipart upload chunks to - be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the image - in encrypted format or not. A boolean value. type: boolean keyid: - description: KMS key ID to use for encryption (encrypt must - be true, or this parameter is ignored). type: string multipartcopychunksize: format: int64 @@ -16625,22 +10340,12 @@ spec: format: int64 type: integer region: - description: The AWS region in which your bucket exists. For - the moment, the Go AWS library in use does not use the newer - DNS based bucket routing. For a list of regions, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html type: string regionendpoint: - description: Endpoint for S3 compatible storage services (Minio, - etc). type: string rootdirectory: - description: This is a prefix that is applied to all S3 keys - to allow you to segment data in your bucket if necessary. type: string secretkeyRef: - description: Reference to the secret containing the AWS Secret - Key. If you use IAM roles, omit to fetch temporary credentials - from IAM. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string secure: @@ -16648,64 +10353,37 @@ spec: type: boolean skipverify: default: false - description: Skips TLS verification when the value is set - to true. type: boolean storageclass: default: STANDARD - description: The S3 storage class applied to each registry - file. type: string v4auth: default: true - description: Indicates whether the registry uses Version 4 - of AWS’s authentication. type: boolean required: - bucket - region type: object swift: - description: 'An implementation of the storagedriver.StorageDriver - interface that uses OpenStack Swift for object storage. See: - https://docs.docker.com/registry/storage-drivers/swift/' properties: accesskey: - description: The access key to generate temporary URLs. It - is used by HP Cloud Object Storage in addition to the secretkey - parameter. type: string authurl: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string authversion: - description: Specify the OpenStack Auth’s version, for example - 3. By default the driver autodetects the auth’s version - from the authurl. type: string chunksize: - description: Size of the data segments for the Swift Dynamic - Large Objects. This value should be a number. format: int64 minimum: 5242880 type: integer container: - description: The name of your Swift container where you wish - to store the registry’s data. The driver creates the named - container during its initialization. type: string domain: - description: Your Openstack domain name for Identity v3 API. - You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 API. - You can either use domain or domainid. type: string endpointtype: default: public - description: The endpoint type used when connecting to swift. enum: - public - internal @@ -16713,39 +10391,24 @@ spec: type: string insecureskipverify: default: false - description: Skips TLS verification if the value is set to - true. type: boolean passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: This is a prefix that is applied to all Swift - keys to allow you to segment data in your container if necessary. - Defaults to the container’s root. type: string region: - description: The Openstack region in which your container - exists. type: string secretkeyRef: - description: The secret key used to generate temporary URLs. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tenant: - description: Your Openstack tenant name. You can either use - tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either use - tenant or tenantid. type: string trustid: - description: Your Openstack trust ID for Identity v3 API. type: string username: - description: The Openstack user name. type: string required: - authurl @@ -16755,7 +10418,6 @@ spec: imageSource: properties: imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -16763,23 +10425,15 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array repository: - description: The default repository for the images of the components. - eg docker.io/goharbor/ type: string tagSuffix: - description: The tag suffix for the images of the images of the - components. eg '-patch1' type: string type: object internalTLS: @@ -16795,10 +10449,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -16806,12 +10458,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -16823,12 +10471,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -16836,35 +10482,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -16880,8 +10508,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -16890,33 +10516,19 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: scanDataExportsPersistentVolume: - description: ScanDataExportsPersistentVolume specify the persistent - volume used to store data exports. If empty, empty dir will - be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -16925,7 +10537,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -16933,43 +10544,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -16981,7 +10567,6 @@ spec: type: object logLevel: default: info - description: HarborLogLevel is the log level for Harbor. enum: - debug - info @@ -16990,13 +10575,9 @@ spec: - fatal type: string network: - description: Network settings for the harbor properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object @@ -17004,15 +10585,12 @@ spec: properties: migrationEnabled: default: true - description: Inject migration configuration to notary resources type: boolean server: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -17020,13 +10598,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17034,36 +10607,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -17079,8 +10633,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -17089,21 +10641,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -17111,44 +10655,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -17156,10 +10674,8 @@ spec: signer: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -17167,13 +10683,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17181,36 +10692,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true - for the component to fit on a node. Selector which must - match a node''s labels for the pod to be scheduled on that - node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. - This is a pointer to distinguish between explicit zero and - unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. \n This field - is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. type: string required: - name @@ -17226,8 +10718,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -17236,21 +10726,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -17258,44 +10740,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. type: string key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. type: string type: object type: array @@ -17304,10 +10760,8 @@ spec: portal: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -17315,12 +10769,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17328,35 +10778,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -17372,8 +10804,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -17382,20 +10812,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -17403,43 +10826,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -17473,27 +10871,20 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host @@ -17505,10 +10896,8 @@ spec: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -17516,12 +10905,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17533,12 +10918,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -17546,38 +10929,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object relativeURLs: default: true type: boolean replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -17593,8 +10958,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -17603,15 +10966,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storageMiddlewares: items: @@ -17628,7 +10985,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -17636,43 +10992,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -17680,10 +11011,8 @@ spec: registryctl: properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -17691,12 +11020,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17704,35 +11029,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -17748,8 +11055,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -17758,20 +11063,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -17779,88 +11077,52 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array type: object trace: - description: Trace settings for the harbor properties: attributes: additionalProperties: type: string - description: A key value dict contains user defined attributes - used to initialize trace provider. type: object enabled: default: false - description: Enable tracing or not. type: boolean jaeger: properties: agent: properties: host: - description: The host of the jaeger agent. type: string port: - description: The port of the jaeger agent. type: integer type: object collector: properties: endpoint: - description: The endpoint of the jaeger collector. type: string passwordRef: - description: The password secret reference name of the - jaeger collector. type: string username: - description: The username of the jaeger collector. type: string required: - endpoint type: object mode: - description: 'The jaeger mode: ''collector'' or ''agent''.' enum: - collector - agent @@ -17869,43 +11131,31 @@ spec: - mode type: object namespace: - description: Namespace used to differentiate different harbor - services. type: string otel: properties: compression: - description: Whether enable compression or not for otel. type: boolean endpoint: - description: The endpoint of otel. type: string insecure: - description: Whether establish insecure connection or not - for otel. type: boolean timeout: default: 10s - description: The timeout of otel. type: string urlPath: - description: The URL path of otel. type: string required: - endpoint - urlPath type: object provider: - description: 'The tracing provider: ''jaeger'' or ''otel''.' enum: - jaeger - otel type: string sampleRate: default: 1 - description: Set `sampleRate` to 1 if you wanna sampling 100% - of trace data; set 0.5 if you wanna sampling 50% of trace data, - and so forth. type: integer required: - provider @@ -17917,14 +11167,10 @@ spec: type: string type: array githubTokenRef: - description: The name of the secret containing the token to connect - to GitHub API. type: string image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -17932,12 +11178,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17945,42 +11187,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for - the component to fit on a node. Selector which must match a - node''s labels for the pod to be scheduled on that node. More - info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object offlineScan: default: false - description: Option prevents Trivy from sending API requests to - identify dependencies. This option doesn’t affect DB download. - You need to specify "skip-update" as well as "offline-scan" - in an air-gapped environment. type: boolean replicas: - description: 'Replicas is the number of desired replicas. This - is a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in - pod.spec.resourceClaims of the Pod where this field - is used. It makes that resource available inside a - container. type: string required: - name @@ -17996,8 +11216,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -18006,57 +11224,33 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string skipUpdate: default: false - description: The flag to enable or disable Trivy DB downloads - from GitHub type: boolean storage: properties: cachePersistentVolume: - description: CachePersistentVolume specify the persistent - volume used to store Trivy cache. If empty, empty dir will - be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object reportsPersistentVolume: - description: ReportsPersistentVolume specify the persistent - volume used to store Trivy reports. If empty, empty dir - will be used. properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string prefix: type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName @@ -18065,7 +11259,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -18073,43 +11266,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -18120,7 +11288,6 @@ spec: default: RollingUpdate type: string version: - description: The version of the harbor, eg 2.1.2 pattern: '[0-9]+\.[0-9]+\.[0-9]+' type: string required: @@ -18133,28 +11300,17 @@ spec: - version type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -18165,8 +11321,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -18179,7 +11333,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -18196,11 +11349,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 - creationTimestamp: null name: harborserverconfigurations.goharbor.io spec: group: goharbor.io @@ -18232,28 +11384,16 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: HarborServerConfiguration is the Schema for the harborserverconfigurations - API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: HarborServerConfigurationSpec defines the desired state of - HarborServerConfiguration. properties: accessCredential: - description: AccessCredential is a namespaced credential to keep the - access key and secret for the harbor server configuration. properties: accessSecretRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' @@ -18266,44 +11406,19 @@ spec: - namespace type: object default: - description: Default indicates the harbor configuration manages namespaces. - Value in goharbor.io/harbor annotation will be considered with high - priority. At most, one HarborServerConfiguration can be the default, - multiple defaults will be rejected. type: boolean insecure: - description: Indicate if the Harbor server is an insecure registry type: boolean namespaceSelector: - description: "NamespaceSelector decides whether to apply the HSC on - a namespace based on whether the namespace matches the selector. - See https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - for more examples of label selectors. \n Default to the empty LabelSelector, - which matches everything." properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. properties: key: - description: key is the label key that the selector applies - to. type: string operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. type: string values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. items: type: string type: array @@ -18315,17 +11430,10 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. type: object type: object x-kubernetes-map-type: atomic rules: - description: Rules configures the container image rewrite rules for - transparent proxy caching with Harbor. items: type: string type: array @@ -18333,7 +11441,6 @@ spec: pattern: (?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$|^https?://(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)+([A-Za-z]|[A-Za-z][A-Za-z0-9\-]*[A-Za-z0-9]) type: string version: - description: The version of the Harbor server pattern: (0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))? type: string required: @@ -18342,16 +11449,12 @@ spec: - version type: object status: - description: HarborConfigurationStatus defines the status of HarborServerConfiguration. properties: message: - description: Message provides human-readable message. type: string reason: - description: Reason represents status reason. type: string status: - description: Status represents harbor configuration status. type: string type: object type: object @@ -18365,7 +11468,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 @@ -18409,22 +11512,14 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: JobService is the Schema for the JobService API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: JobServiceSpec defines the desired state of JobService. properties: certificateRefs: items: @@ -18443,10 +11538,8 @@ spec: - url type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -18454,12 +11547,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -18474,13 +11563,11 @@ spec: sizeLimit: 100Mi stdout: level: INFO - description: Job logger configurations properties: database: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -18497,7 +11584,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -18509,240 +11595,105 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string volume: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure - managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a - secret object containing parameters used to connect - to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the ConfigMap, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -18750,150 +11701,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is passed - to the associated CSI driver which will determine - the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if no - secret is required. If the secret object contains - more than one secret, all secret references are - passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing the - pod field properties: fieldRef: - description: 'Required: Selects a field of - the pod: only annotations, labels, name - and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of - the relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -18905,129 +11772,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The - size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that - the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the volume - is only needed while the pod runs, b) features of - normal volumes like restoring from snapshot or capacity - tracking are needed, c) the storage driver is specified - through a storage class, and d) the storage driver - supports dynamic volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information on - the connection between this volume type and PersistentVolumeClaim). - \n Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the - lifecycle of an individual pod. \n Use CSI for light-weight - local ephemeral volumes if the CSI driver is meant - to be used that way - see the documentation of the - driver for more information. \n A pod can use both - types of ephemeral volumes and persistent volumes - at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will be - the owner of the PVC, i.e. the PVC will be deleted - together with the pod. The name of the PVC will - be `-` where `` - is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too - long). \n An existing PVC with that name that - is not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume by - mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created - PVC is meant to be used by the pod, the PVC has - to updated with an owner reference to the pod - once the pod exists. Normally this should not - be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on the - contents of the specified data source. - When the AnyVolumeDataSource feature gate - is enabled, dataSource contents will be - copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource - when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -19035,103 +11808,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if the - type of the specified object matches some - installed volume populator or dynamic - provisioner. This field will replace the - functionality of the dataSource field - and as such if both fields are non-empty, - they must have the same value. For backwards - compatibility, when namespace isn''t specified - in dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to the - same value automatically if one of them - is empty and the other is non-empty. When - namespace is specified in dataSourceRef, - dataSource isn''t set to the same value - and must be empty. There are three important - differences between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates an - error if a disallowed value is specified. - * While dataSource only allows local objects, - dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation for - details. (Alpha) This field requires - the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are - lower than previous value but must still - be higher than capacity recorded in the - status field of the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -19147,9 +11842,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -19158,49 +11850,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted for - a container, it defaults to Limits - if that is explicitly specified, otherwise - to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. items: type: string type: array @@ -19212,31 +11873,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -19244,81 +11888,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and then - exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver to - use for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. - If the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -19326,198 +11927,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at - a particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an - EmptyDir into an InitContainer that clones the repo - using git, then mount the EmptyDir into the Pod''s - container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git - repository. Otherwise, if specified, the volume - will contain the git repository in the subdirectory - with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used for - system agents or other privileged things that are - allowed to see the host machine. Most containers will - NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount host - directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the link - to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically TCP - ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -19525,155 +12016,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path - are not affected by this setting. This might be - in conflict with other options that affect the - file mode, like fsGroup, and the result can be - other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the ConfigMap, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -19681,100 +12082,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, - JSON requires decimal values for - mode bits. If not specified, the - volume defaultMode will be used. - This might be in conflict with - other options that affect the - file mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not - start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu and - requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -19786,54 +12129,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the Secret, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -19841,48 +12146,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended - audience of the token. A recipient of - a token must identify itself with an - identifier specified in the audience - of the token, and otherwise should reject - the token. The audience defaults to - the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of the - service account token. As the token - approaches expiration, the kubelet volume - plugin will proactively rotate the service - account token. The kubelet will start - trying to rotate the token if the token - is older than 80 percent of its time - to live or if the token is older than - 24 hours.Defaults to 1 hour and must - be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to project - the token into. type: string required: - path @@ -19891,160 +12167,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -20052,61 +12244,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the Secret, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -20114,81 +12264,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter integration. - Set VolumeName to any name to override the default - behaviour. Set to "default" if you are not using - namespaces within StorageOS. Namespaces that do - not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -20201,7 +12306,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -20215,13 +12319,11 @@ spec: default: stdout: level: INFO - description: Logger configurations properties: database: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -20238,7 +12340,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -20250,240 +12351,105 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string volume: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure - managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a - secret object containing parameters used to connect - to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the ConfigMap, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -20491,150 +12457,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is passed - to the associated CSI driver which will determine - the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if no - secret is required. If the secret object contains - more than one secret, all secret references are - passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing the - pod field properties: fieldRef: - description: 'Required: Selects a field of - the pod: only annotations, labels, name - and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of - the relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -20646,129 +12528,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The - size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that - the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the volume - is only needed while the pod runs, b) features of - normal volumes like restoring from snapshot or capacity - tracking are needed, c) the storage driver is specified - through a storage class, and d) the storage driver - supports dynamic volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information on - the connection between this volume type and PersistentVolumeClaim). - \n Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the - lifecycle of an individual pod. \n Use CSI for light-weight - local ephemeral volumes if the CSI driver is meant - to be used that way - see the documentation of the - driver for more information. \n A pod can use both - types of ephemeral volumes and persistent volumes - at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will be - the owner of the PVC, i.e. the PVC will be deleted - together with the pod. The name of the PVC will - be `-` where `` - is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too - long). \n An existing PVC with that name that - is not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume by - mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created - PVC is meant to be used by the pod, the PVC has - to updated with an owner reference to the pod - once the pod exists. Normally this should not - be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on the - contents of the specified data source. - When the AnyVolumeDataSource feature gate - is enabled, dataSource contents will be - copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource - when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -20776,103 +12564,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if the - type of the specified object matches some - installed volume populator or dynamic - provisioner. This field will replace the - functionality of the dataSource field - and as such if both fields are non-empty, - they must have the same value. For backwards - compatibility, when namespace isn''t specified - in dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to the - same value automatically if one of them - is empty and the other is non-empty. When - namespace is specified in dataSourceRef, - dataSource isn''t set to the same value - and must be empty. There are three important - differences between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates an - error if a disallowed value is specified. - * While dataSource only allows local objects, - dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation for - details. (Alpha) This field requires - the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are - lower than previous value but must still - be higher than capacity recorded in the - status field of the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -20888,9 +12598,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -20899,49 +12606,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted for - a container, it defaults to Limits - if that is explicitly specified, otherwise - to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. items: type: string type: array @@ -20953,31 +12629,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -20985,81 +12644,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and then - exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver to - use for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. - If the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -21067,198 +12683,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at - a particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an - EmptyDir into an InitContainer that clones the repo - using git, then mount the EmptyDir into the Pod''s - container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git - repository. Otherwise, if specified, the volume - will contain the git repository in the subdirectory - with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used for - system agents or other privileged things that are - allowed to see the host machine. Most containers will - NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount host - directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the link - to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically TCP - ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -21266,155 +12772,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path - are not affected by this setting. This might be - in conflict with other options that affect the - file mode, like fsGroup, and the result can be - other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the ConfigMap, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -21422,100 +12838,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, - JSON requires decimal values for - mode bits. If not specified, the - volume defaultMode will be used. - This might be in conflict with - other options that affect the - file mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not - start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu and - requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -21527,54 +12885,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the Secret, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -21582,48 +12902,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended - audience of the token. A recipient of - a token must identify itself with an - identifier specified in the audience - of the token, and otherwise should reject - the token. The audience defaults to - the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of the - service account token. As the token - approaches expiration, the kubelet volume - plugin will proactively rotate the service - account token. The kubelet will start - trying to rotate the token if the token - is older than 80 percent of its time - to live or if the token is older than - 24 hours.Defaults to 1 hour and must - be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to project - the token into. type: string required: - path @@ -21632,160 +12923,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -21793,61 +13000,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the Secret, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -21855,81 +13020,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter integration. - Set VolumeName to any name to override the default - behaviour. Set to "default" if you are not using - namespaces within StorageOS. Namespaces that do - not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -21942,7 +13062,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -21955,9 +13074,6 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object proxy: properties: @@ -22002,28 +13118,15 @@ spec: - url type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -22039,8 +13142,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -22049,23 +13150,16 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object secretRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -22087,47 +13181,22 @@ spec: - url type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array workerPool: - description: Configurations of worker pool properties: backend: default: redis @@ -22136,54 +13205,40 @@ spec: minLength: 1 type: string redisPool: - description: RedisPoolConfig keeps redis worker info. properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string idleTimeout: default: 30s - description: IdleTimeoutSecond closes connections after remaining - idle for this duration. If the value is zero, then idle - connections are not closed. Applications should set the - timeout to a value less than the server's timeout. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string namespace: type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host type: object workers: default: 10 - description: Worker concurrency format: int32 minimum: 1 type: integer @@ -22196,28 +13251,17 @@ spec: - workerPool type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -22228,8 +13272,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -22242,7 +13284,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -22271,22 +13312,14 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: JobService is the Schema for the JobService API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: JobServiceSpec defines the desired state of JobService. properties: certificateRefs: items: @@ -22305,10 +13338,8 @@ spec: - url type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -22316,12 +13347,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -22336,13 +13363,11 @@ spec: sizeLimit: 100Mi stdout: level: INFO - description: Job logger configurations properties: database: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -22359,7 +13384,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -22371,240 +13395,105 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string volume: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure - managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a - secret object containing parameters used to connect - to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the ConfigMap, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -22612,150 +13501,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is passed - to the associated CSI driver which will determine - the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if no - secret is required. If the secret object contains - more than one secret, all secret references are - passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing the - pod field properties: fieldRef: - description: 'Required: Selects a field of - the pod: only annotations, labels, name - and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of - the relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -22767,129 +13572,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The - size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that - the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the volume - is only needed while the pod runs, b) features of - normal volumes like restoring from snapshot or capacity - tracking are needed, c) the storage driver is specified - through a storage class, and d) the storage driver - supports dynamic volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information on - the connection between this volume type and PersistentVolumeClaim). - \n Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the - lifecycle of an individual pod. \n Use CSI for light-weight - local ephemeral volumes if the CSI driver is meant - to be used that way - see the documentation of the - driver for more information. \n A pod can use both - types of ephemeral volumes and persistent volumes - at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will be - the owner of the PVC, i.e. the PVC will be deleted - together with the pod. The name of the PVC will - be `-` where `` - is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too - long). \n An existing PVC with that name that - is not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume by - mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created - PVC is meant to be used by the pod, the PVC has - to updated with an owner reference to the pod - once the pod exists. Normally this should not - be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on the - contents of the specified data source. - When the AnyVolumeDataSource feature gate - is enabled, dataSource contents will be - copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource - when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -22897,103 +13608,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if the - type of the specified object matches some - installed volume populator or dynamic - provisioner. This field will replace the - functionality of the dataSource field - and as such if both fields are non-empty, - they must have the same value. For backwards - compatibility, when namespace isn''t specified - in dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to the - same value automatically if one of them - is empty and the other is non-empty. When - namespace is specified in dataSourceRef, - dataSource isn''t set to the same value - and must be empty. There are three important - differences between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates an - error if a disallowed value is specified. - * While dataSource only allows local objects, - dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation for - details. (Alpha) This field requires - the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are - lower than previous value but must still - be higher than capacity recorded in the - status field of the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -23009,9 +13642,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -23020,49 +13650,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted for - a container, it defaults to Limits - if that is explicitly specified, otherwise - to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. items: type: string type: array @@ -23074,31 +13673,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -23106,81 +13688,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and then - exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver to - use for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. - If the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -23188,198 +13727,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at - a particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an - EmptyDir into an InitContainer that clones the repo - using git, then mount the EmptyDir into the Pod''s - container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git - repository. Otherwise, if specified, the volume - will contain the git repository in the subdirectory - with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used for - system agents or other privileged things that are - allowed to see the host machine. Most containers will - NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount host - directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the link - to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically TCP - ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -23387,155 +13816,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path - are not affected by this setting. This might be - in conflict with other options that affect the - file mode, like fsGroup, and the result can be - other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the ConfigMap, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -23543,100 +13882,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, - JSON requires decimal values for - mode bits. If not specified, the - volume defaultMode will be used. - This might be in conflict with - other options that affect the - file mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not - start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu and - requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -23648,54 +13929,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the Secret, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -23703,48 +13946,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended - audience of the token. A recipient of - a token must identify itself with an - identifier specified in the audience - of the token, and otherwise should reject - the token. The audience defaults to - the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of the - service account token. As the token - approaches expiration, the kubelet volume - plugin will proactively rotate the service - account token. The kubelet will start - trying to rotate the token if the token - is older than 80 percent of its time - to live or if the token is older than - 24 hours.Defaults to 1 hour and must - be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to project - the token into. type: string required: - path @@ -23753,160 +13967,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -23914,61 +14044,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the Secret, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -23976,81 +14064,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter integration. - Set VolumeName to any name to override the default - behaviour. Set to "default" if you are not using - namespaces within StorageOS. Namespaces that do - not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -24063,7 +14106,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -24077,13 +14119,11 @@ spec: default: stdout: level: INFO - description: Logger configurations properties: database: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -24100,7 +14140,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -24112,240 +14151,105 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string volume: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure - managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a - secret object containing parameters used to connect - to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the ConfigMap, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -24353,150 +14257,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is passed - to the associated CSI driver which will determine - the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if no - secret is required. If the secret object contains - more than one secret, all secret references are - passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing the - pod field properties: fieldRef: - description: 'Required: Selects a field of - the pod: only annotations, labels, name - and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires - decimal values for mode bits. If not specified, - the volume defaultMode will be used. This - might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of - the relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -24508,129 +14328,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The - size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that - the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the volume - is only needed while the pod runs, b) features of - normal volumes like restoring from snapshot or capacity - tracking are needed, c) the storage driver is specified - through a storage class, and d) the storage driver - supports dynamic volume provisioning through a PersistentVolumeClaim - (see EphemeralVolumeSource for more information on - the connection between this volume type and PersistentVolumeClaim). - \n Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the - lifecycle of an individual pod. \n Use CSI for light-weight - local ephemeral volumes if the CSI driver is meant - to be used that way - see the documentation of the - driver for more information. \n A pod can use both - types of ephemeral volumes and persistent volumes - at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will be - the owner of the PVC, i.e. the PVC will be deleted - together with the pod. The name of the PVC will - be `-` where `` - is the name from the `PodSpec.Volumes` array entry. - Pod validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too - long). \n An existing PVC with that name that - is not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume by - mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created - PVC is meant to be used by the pod, the PVC has - to updated with an owner reference to the pod - once the pod exists. Normally this should not - be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on the - contents of the specified data source. - When the AnyVolumeDataSource feature gate - is enabled, dataSource contents will be - copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource - when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -24638,103 +14364,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, - volume binding will only succeed if the - type of the specified object matches some - installed volume populator or dynamic - provisioner. This field will replace the - functionality of the dataSource field - and as such if both fields are non-empty, - they must have the same value. For backwards - compatibility, when namespace isn''t specified - in dataSourceRef, both fields (dataSource - and dataSourceRef) will be set to the - same value automatically if one of them - is empty and the other is non-empty. When - namespace is specified in dataSourceRef, - dataSource isn''t set to the same value - and must be empty. There are three important - differences between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores disallowed - values (dropping them), dataSourceRef - preserves all values, and generates an - error if a disallowed value is specified. - * While dataSource only allows local objects, - dataSourceRef allows objects in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If - APIGroup is not specified, the specified - Kind must be in the core API group. - For any other third-party types, APIGroup - is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation for - details. (Alpha) This field requires - the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are - lower than previous value but must still - be higher than capacity recorded in the - status field of the claim. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -24750,9 +14398,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -24761,49 +14406,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted for - a container, it defaults to Limits - if that is explicitly specified, otherwise - to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. - This array is replaced during - a strategic merge patch. items: type: string type: array @@ -24815,31 +14429,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of - {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -24847,81 +14444,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and then - exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver to - use for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force the - ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. - If the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -24929,198 +14483,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda - is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at - a particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an - EmptyDir into an InitContainer that clones the repo - using git, then mount the EmptyDir into the Pod''s - container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git - repository. Otherwise, if specified, the volume - will contain the git repository in the subdirectory - with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used for - system agents or other privileged things that are - allowed to see the host machine. Most containers will - NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount host - directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the link - to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically TCP - ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -25128,155 +14572,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Directories within the path - are not affected by this setting. This might be - in conflict with other options that affect the - file mode, like fsGroup, and the result can be - other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the ConfigMap, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -25284,100 +14638,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is written - in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, - JSON requires decimal values for - mode bits. If not specified, the - volume defaultMode will be used. - This might be in conflict with - other options that affect the - file mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not - start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu and - requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -25389,54 +14685,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will be - projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not present - in the Secret, the volume setup will - error unless it is marked optional. - Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a - path within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 or - a decimal value between 0 and - 511. YAML accepts both octal and - decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume defaultMode - will be used. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -25444,48 +14702,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended - audience of the token. A recipient of - a token must identify itself with an - identifier specified in the audience - of the token, and otherwise should reject - the token. The audience defaults to - the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of the - service account token. As the token - approaches expiration, the kubelet volume - plugin will proactively rotate the service - account token. The kubelet will start - trying to rotate the token if the token - is older than 80 percent of its time - to live or if the token is older than - 24 hours.Defaults to 1 hour and must - be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to project - the token into. type: string required: - path @@ -25494,160 +14723,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -25655,61 +14800,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the Secret, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. Must - be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON - requires decimal values for mode bits. If - not specified, the volume defaultMode will - be used. This might be in conflict with - other options that affect the file mode, - like fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be an - absolute path. May not contain the path - element '..'. May not start with the string - '..'. type: string required: - key @@ -25717,81 +14820,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter integration. - Set VolumeName to any name to override the default - behaviour. Set to "default" if you are not using - namespaces within StorageOS. Namespaces that do - not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -25804,7 +14862,6 @@ spec: properties: level: default: INFO - description: JobServiceLogLevel is the log level for JobService. enum: - DEBUG - INFO @@ -25821,12 +14878,10 @@ spec: type: boolean path: default: /metrics - description: The path of the metrics. pattern: /.+ type: string port: default: 8001 - description: The port of the metrics. format: int32 minimum: 1 type: integer @@ -25835,18 +14890,12 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object proxy: properties: @@ -25891,28 +14940,15 @@ spec: - url type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -25928,8 +14964,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -25938,18 +14972,12 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object secretRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: @@ -25961,237 +14989,105 @@ spec: default: emptyDir: sizeLimit: 1Gi - description: Represents the source of a volume to mount. Only - one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in the - blob storage type: string fsType: - description: fsType is Filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure managed - data disk (only in managed availability set). defaults - to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is a - collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default is - /' type: string readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile is - the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to - OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -26199,146 +15095,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the - associated CSI driver which will determine the default - filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all - secret references are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal - value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of the - relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -26350,126 +15166,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default is - "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The size - limit is also applicable for memory medium. The - maximum usage on memory medium EmptyDir would be - the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle - is tied to the pod that defines it - it will be created - before the pod starts, and deleted when the pod is removed. - \n Use this if: a) the volume is only needed while the - pod runs, b) features of normal volumes like restoring - from snapshot or capacity tracking are needed, c) the - storage driver is specified through a storage class, - and d) the storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral volumes - if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. - \n A pod can use both types of ephemeral volumes and - persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which this - EphemeralVolumeSource is embedded will be the owner - of the PVC, i.e. the PVC will be deleted together - with the pod. The name of the PVC will be `-` where `` is the - name from the `PodSpec.Volumes` array entry. Pod - validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). - \n An existing PVC with that name that is not owned - by the pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting the - pod is then blocked until the unrelated PVC is removed. - If such a pre-created PVC is meant to be used by - the pod, the PVC has to updated with an owner reference - to the pod once the pod exists. Normally this should - not be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field is - read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource contents - will be copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource when - dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -26477,100 +15202,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume - binding will only succeed if the type of - the specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such if both - fields are non-empty, they must have the - same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other is - non-empty. When namespace is specified in - dataSourceRef, dataSource isn''t set to - the same value and must be empty. There - are three important differences between - dataSource and dataSourceRef: * While dataSource - only allows two specific types of objects, - dataSourceRef allows any non-core object, - as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves - all values, and generates an error if a - disallowed value is specified. * While dataSource - only allows local objects, dataSourceRef - allows objects in any namespaces. (Beta) - Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note that - when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. (Alpha) This - field requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are lower - than previous value but must still be higher - than capacity recorded in the status field - of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of - resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field is - used. It makes that resource available - inside a container. type: string required: - name @@ -26586,9 +15236,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -26597,47 +15244,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label key - that the selector applies to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -26649,29 +15267,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -26679,80 +15282,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. properties: driver: - description: driver is the name of the driver to use - for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. If - the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -26760,194 +15321,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset stored - as metadata -> name on the dataset for Flocker should - be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at a - particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an EmptyDir - into an InitContainer that clones the repo using git, - then mount the EmptyDir into the Pod''s container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the specified - revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly exposed - to the container. This is generally used for system - agents or other privileged things that are allowed to - see the host machine. Most containers will NOT need - this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' properties: path: - description: 'path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults to - "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal List. - The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). type: string required: - iqn @@ -26955,153 +15410,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to - set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. Directories within the path are not - affected by this setting. This might be in conflict - with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along - with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced ConfigMap will be projected - into the volume as a file whose name is - the key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or start - with '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -27109,97 +15476,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether the - ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the - downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a - field of the pod: only annotations, - labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified API - version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -27211,53 +15523,16 @@ spec: type: array type: object secret: - description: secret information about the secret - data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -27265,46 +15540,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The - kubelet will start trying to rotate the - token if the token is older than 80 percent - of its time to live or if the token is - older than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative to - the mount point of the file to project - the token into. type: string required: - path @@ -27313,159 +15561,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references an - already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the ScaleIO - API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret for - ScaleIO user and other sensitive information. If - this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage Pool - associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated - with this volume source. type: string required: - gateway @@ -27473,58 +15638,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the Secret, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -27532,81 +15658,36 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret - or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is - specified then the Pod's namespace will be used. This - allows the Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated with - the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -27619,7 +15700,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -27641,42 +15721,18 @@ spec: - url type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -27685,41 +15741,31 @@ spec: attributes: additionalProperties: type: string - description: A key value dict contains user defined attributes - used to initialize trace provider. type: object enabled: default: false - description: Enable tracing or not. type: boolean jaeger: properties: agent: properties: host: - description: The host of the jaeger agent. type: string port: - description: The port of the jaeger agent. type: integer type: object collector: properties: endpoint: - description: The endpoint of the jaeger collector. type: string passwordRef: - description: The password secret reference name of the - jaeger collector. type: string username: - description: The username of the jaeger collector. type: string required: - endpoint type: object mode: - description: 'The jaeger mode: ''collector'' or ''agent''.' enum: - collector - agent @@ -27728,43 +15774,31 @@ spec: - mode type: object namespace: - description: Namespace used to differentiate different harbor - services. type: string otel: properties: compression: - description: Whether enable compression or not for otel. type: boolean endpoint: - description: The endpoint of otel. type: string insecure: - description: Whether establish insecure connection or not - for otel. type: boolean timeout: default: 10s - description: The timeout of otel. type: string urlPath: - description: The URL path of otel. type: string required: - endpoint - urlPath type: object provider: - description: 'The tracing provider: ''jaeger'' or ''otel''.' enum: - jaeger - otel type: string sampleRate: default: 1 - description: Set `sampleRate` to 1 if you wanna sampling 100% - of trace data; set 0.5 if you wanna sampling 50% of trace data, - and so forth. type: integer required: - provider @@ -27773,7 +15807,6 @@ spec: default: RollingUpdate type: string workerPool: - description: Configurations of worker pool properties: backend: default: redis @@ -27782,54 +15815,40 @@ spec: minLength: 1 type: string redisPool: - description: RedisPoolConfig keeps redis worker info. properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string idleTimeout: default: 30s - description: IdleTimeoutSecond closes connections after remaining - idle for this duration. If the value is zero, then idle - connections are not closed. Applications should set the - timeout to a value less than the server's timeout. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string namespace: type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host type: object workers: default: 10 - description: Worker concurrency format: int32 minimum: 1 type: integer @@ -27842,28 +15861,17 @@ spec: - workerPool type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -27874,8 +15882,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -27888,7 +15894,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -27906,7 +15911,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 @@ -27950,22 +15955,14 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: NotaryServer is the Schema for the NotaryServer API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: NotaryServerSpec defines the desired state of NotaryServer. properties: authentication: properties: @@ -27993,10 +15990,8 @@ spec: - token type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -28004,12 +15999,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -28018,8 +16009,6 @@ spec: properties: level: default: info - description: NotaryLogLevel is the log level for NotaryServer - and NotarySigner. enum: - debug - info @@ -28034,33 +16023,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -28076,8 +16049,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -28086,42 +16057,24 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: postgres: properties: database: - description: The database name. Defaults to be the same as - the user name. In certain contexts, the value is checked - for extended formats. minLength: 1 type: string hosts: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the - name of the directory in which the socket file is - stored. minLength: 1 type: string port: - description: Port number to connect to at the server - host, or socket file name extension for Unix-domain - connections. Zero, specifies the default port number - established when PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -28134,17 +16087,11 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if - the server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults - to be the same as the operating system name of the user - running the application. minLength: 1 type: string type: object @@ -28154,7 +16101,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -28168,42 +16114,18 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -28237,28 +16159,17 @@ spec: - trustService type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -28269,8 +16180,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -28283,7 +16192,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -28312,22 +16220,14 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: NotaryServer is the Schema for the NotaryServer API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: NotaryServerSpec defines the desired state of NotaryServer. properties: authentication: properties: @@ -28355,10 +16255,8 @@ spec: - token type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -28366,12 +16264,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -28380,8 +16274,6 @@ spec: properties: level: default: info - description: NotaryLogLevel is the log level for NotaryServer - and NotarySigner. enum: - debug - info @@ -28397,42 +16289,23 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -28448,8 +16321,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -28458,42 +16329,24 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: postgres: properties: database: - description: The database name. Defaults to be the same as - the user name. In certain contexts, the value is checked - for extended formats. minLength: 1 type: string hosts: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the - name of the directory in which the socket file is - stored. minLength: 1 type: string port: - description: Port number to connect to at the server - host, or socket file name extension for Unix-domain - connections. Zero, specifies the default port number - established when PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -28506,17 +16359,11 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if - the server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults - to be the same as the operating system name of the user - running the application. minLength: 1 type: string type: object @@ -28526,7 +16373,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -28540,42 +16386,18 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -28609,28 +16431,17 @@ spec: - trustService type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -28641,8 +16452,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -28655,7 +16464,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -28673,7 +16481,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 @@ -28717,22 +16525,14 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: NotarySigner is the Schema for the NotarySigner API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: NotarySignerSpec defines the desired state of NotarySigner. properties: authentatication: properties: @@ -28743,10 +16543,8 @@ spec: - certificateRef type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -28754,12 +16552,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -28768,8 +16562,6 @@ spec: properties: level: default: info - description: NotaryLogLevel is the log level for NotaryServer - and NotarySigner. enum: - debug - info @@ -28784,33 +16576,17 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -28826,8 +16602,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -28836,15 +16610,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: @@ -28854,27 +16622,15 @@ spec: postgres: properties: database: - description: The database name. Defaults to be the same as - the user name. In certain contexts, the value is checked - for extended formats. minLength: 1 type: string hosts: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the - name of the directory in which the socket file is - stored. minLength: 1 type: string port: - description: Port number to connect to at the server - host, or socket file name extension for Unix-domain - connections. Zero, specifies the default port number - established when PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -28887,17 +16643,11 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if - the server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults - to be the same as the operating system name of the user - running the application. minLength: 1 type: string type: object @@ -28908,7 +16658,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -28916,42 +16665,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -28960,28 +16685,17 @@ spec: - storage type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -28992,8 +16706,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -29006,7 +16718,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -29035,22 +16746,14 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: NotarySigner is the Schema for the NotarySigner API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: NotarySignerSpec defines the desired state of NotarySigner. properties: authentatication: properties: @@ -29061,10 +16764,8 @@ spec: - certificateRef type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -29072,12 +16773,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -29086,8 +16783,6 @@ spec: properties: level: default: info - description: NotaryLogLevel is the log level for NotaryServer - and NotarySigner. enum: - debug - info @@ -29103,42 +16798,23 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -29154,8 +16830,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -29164,15 +16838,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: @@ -29182,27 +16850,15 @@ spec: postgres: properties: database: - description: The database name. Defaults to be the same as - the user name. In certain contexts, the value is checked - for extended formats. minLength: 1 type: string hosts: items: properties: host: - description: Name of host to connect to. If a host name - begins with a slash, it specifies Unix-domain communication - rather than TCP/IP communication; the value is the - name of the directory in which the socket file is - stored. minLength: 1 type: string port: - description: Port number to connect to at the server - host, or socket file name extension for Unix-domain - connections. Zero, specifies the default port number - established when PostgreSQL was built. exclusiveMinimum: true format: int32 minimum: 0 @@ -29215,17 +16871,11 @@ spec: parameters: additionalProperties: type: string - description: libpq parameters. type: object passwordRef: - description: Secret containing the password to be used if - the server demands password authentication. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string username: - description: PostgreSQL user name to connect as. Defaults - to be the same as the operating system name of the user - running the application. minLength: 1 type: string type: object @@ -29236,7 +16886,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -29244,42 +16893,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -29288,28 +16913,17 @@ spec: - storage type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -29320,8 +16934,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -29334,7 +16946,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -29352,7 +16963,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 @@ -29396,28 +17007,18 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: Portal is the Schema for the portals API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: PortalSpec defines the desired state of Portal. properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -29425,53 +17026,31 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array maxConnections: default: 1024 - description: Sets the maximum number of simultaneous connections that - can be opened. format: int32 minimum: 0 type: integer nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -29487,8 +17066,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -29497,20 +17074,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -29524,69 +17094,34 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -29597,8 +17132,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -29611,7 +17144,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -29640,28 +17172,18 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: Portal is the Schema for the portals API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: PortalSpec defines the desired state of Portal. properties: image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -29669,64 +17191,38 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array maxConnections: default: 1024 - description: Sets the maximum number of simultaneous connections that - can be opened. format: int32 minimum: 0 type: integer network: - description: Network settings for the portal properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -29742,8 +17238,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -29752,20 +17246,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -29779,69 +17266,34 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -29852,8 +17304,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -29866,7 +17316,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -29883,11 +17332,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 - creationTimestamp: null name: pullsecretbindings.goharbor.io spec: group: goharbor.io @@ -29918,36 +17366,22 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: PullSecretBinding is the Schema for the pullsecretbindings API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: PullSecretBindingSpec defines the desired state of PullSecretBinding. properties: harborServerConfig: - description: Indicate which harbor server configuration is referred type: string projectId: - description: ProjectID points to the project associated with the secret - binding type: string robotId: - description: RobotID points to the robot account id used for secret - binding type: string serviceAccount: - description: Indicate which service account binds the pull secret type: string required: - harborServerConfig @@ -29956,19 +17390,12 @@ spec: - serviceAccount type: object status: - description: PullSecretBindingStatus defines the observed state of PullSecretBinding. properties: message: - description: Message provides human-readable message. type: string reason: - description: Reason represents status reason. type: string status: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file Indicate the status of binding: `binding`, `bound` and - `unknown`' type: string required: - status @@ -29984,7 +17411,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 @@ -30028,22 +17455,14 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: Registry is the Schema for the registries API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: RegistrySpec defines the desired state of Registry. See https://docs.docker.com/registry/configuration/ properties: authentication: properties: @@ -30195,12 +17614,6 @@ spec: http: properties: debug: - description: Use debug option to configure a debug server that - can be helpful in diagnosing problems. The debug endpoint can - be used for monitoring registry metrics and health, as well - as profiling. Sensitive information may be available via the - debug endpoint. Please be certain that access to the debug endpoint - is locked down in a production environment. properties: port: default: 5001 @@ -30219,8 +17632,6 @@ spec: type: object type: object drainTimeout: - description: Amount of time to wait for HTTP connections to drain - before shutting down after registry receives SIGTERM signal pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string headers: @@ -30231,26 +17642,10 @@ spec: default: X-Content-Type-Options: - nosniff - description: 'Use this option to specify headers that the HTTP - server should include in responses. This can be used for security - headers such as Strict-Transport-Security. The headers option - should contain an option for each header to include, where the - parameter name is the header’s name, and the parameter value - a list of the header’s payload values. Including X-Content-Type-Options: - [nosniff] is recommended, sothat browsers will not interpret - content as HTML if they are directed to load a page from the - registry. This header is included in the example configuration - file.' type: object host: - description: A fully-qualified URL for an externally-reachable - address for the registry. If present, it is used when creating - generated URLs. Otherwise, these URLs are derived from client - requests. type: string http2: - description: Use the http2 structure to control http2 settings - for the registry. properties: disabled: default: false @@ -30258,40 +17653,20 @@ spec: type: object net: default: tcp - description: The network used to create a listening socket. enum: - unix - tcp type: string prefix: - description: If the server does not run at the root path, set - this to the value of the prefix. The root path is the section - before v2. It requires both preceding and trailing slashes, - such as in the example /path/. pattern: (/(.+/)?)? type: string relativeURLs: default: true - description: If true, the registry returns relative URLs in Location - headers. The client is responsible for resolving the correct - URL. This option is not compatible with Docker 1.7 and earlier. type: boolean secretRef: - description: The secret name containing a random piece of data - used to sign state that may be stored with the client to protect - against tampering. For production environments you should generate - a random piece of data using a cryptographically secure random - generator. If you omit the secret, the registry will automatically - generate a secret when it starts. If you are building a cluster - of registries behind a load balancer, you MUST ensure the secret - is the same for all registries. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tls: - description: Use this to configure TLS for the server. If you - already have a web server running on the same host as the registry, - you may prefer to configure TLS on that web server and proxy - connections to the registry server. properties: certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' @@ -30299,10 +17674,8 @@ spec: type: object type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -30310,12 +17683,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -30337,7 +17706,6 @@ spec: type: object formatter: default: text - description: RegistryLogFormatter is the log formatter for Registry. enum: - text - json @@ -30363,7 +17731,6 @@ spec: type: array level: default: info - description: RegistryLogLevel is the log level for Registry. enum: - debug - info @@ -30413,15 +17780,11 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object notifications: + default: {} properties: endpoints: - description: The endpoints structure contains a list of named - services (URLs) that can accept event notifications. items: properties: backoff: @@ -30430,8 +17793,6 @@ spec: type: string disabled: default: false - description: If true, notifications are disabled for the - service. type: boolean headers: additionalProperties: @@ -30455,7 +17816,6 @@ spec: type: string type: array name: - description: A human-readable name for the service. type: string threshold: default: 3 @@ -30464,14 +17824,9 @@ spec: type: integer timeout: default: 5s - description: A value for the HTTP timeout. A positive integer - and an optional suffix indicating the unit of time, which - may be ns, us, ms, s, m, or h. If you omit the unit of - time, ns is used. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string url: - description: The URL to which events should be published. pattern: https?://.+ type: string required: @@ -30480,6 +17835,7 @@ spec: type: object type: array events: + default: {} properties: includeReferences: default: true @@ -30507,13 +17863,10 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 @@ -30522,12 +17875,9 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string pool: @@ -30548,7 +17898,6 @@ spec: type: integer type: object port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 @@ -30557,7 +17906,6 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string sentinelMasterSet: - description: for Sentinel MasterSet. type: string writeTimeout: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? @@ -30566,9 +17914,6 @@ spec: - host type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer @@ -30577,21 +17922,11 @@ spec: type: string type: object resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -30607,8 +17942,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -30617,15 +17950,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: @@ -30646,9 +17973,6 @@ spec: driver: properties: filesystem: - description: 'FileSystem is an implementation of the storagedriver.StorageDriver - interface which uses the local filesystem. The local filesystem - can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/' properties: maxthreads: default: 100 @@ -30658,247 +17982,105 @@ spec: prefix: type: string volumeSource: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching - mode: None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data - disk in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: - multiple blob disks per storage account Dedicated: - single blob disk per storage account Managed: - azure managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret - that contains Azure Storage Account Name and - Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on - the host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is - /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef - is reference to the authentication secret for - User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: - https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to - a secret object containing parameters used to - connect to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that - should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -30906,156 +18088,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which will - determine the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if - no secret is required. If the secret object - contains more than one secret, all secret references - are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, - defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' - path. Must be utf-8 encoded. The first - item of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults - to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to - select' type: string required: - resource @@ -31067,132 +18159,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default - medium. Must be an empty string (default) or - Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of - local storage required for this EmptyDir volume. - The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir - would be the minimum value between the SizeLimit - specified here and the sum of memory limits - of all containers in a pod. The default is nil - which means that the limit is undefined. More - info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the - volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or - capacity tracking are needed, c) the storage driver - is specified through a storage class, and d) the - storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that - way - see the documentation of the driver for more - information. \n A pod can use both types of ephemeral - volumes and persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will - be the owner of the PVC, i.e. the PVC will be - deleted together with the pod. The name of - the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the - pod if the concatenated name is not valid for - a PVC (for example, too long). \n An existing - PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting - the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has to - updated with an owner reference to the pod once - the pod exists. Normally this should not be - necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by - Kubernetes to the PVC after it has been created. - \n Required, must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will - be rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the - desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on - the contents of the specified data source. - When the AnyVolumeDataSource feature - gate is enabled, dataSource contents - will be copied to dataSourceRef, and - dataSourceRef contents will be copied - to dataSource when dataSourceRef.namespace - is not specified. If the namespace is - specified, then dataSourceRef will not - be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -31200,106 +18195,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate the - volume with data, if a non-empty volume - is desired. This may be any object from - a non-empty API group (non core object) - or a PersistentVolumeClaim object. When - this field is specified, volume binding - will only succeed if the type of the - specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such - if both fields are non-empty, they must - have the same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other - is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be empty. - There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores - disallowed values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is specified. - * While dataSource only allows local - objects, dataSourceRef allows objects - in any namespaces. (Beta) Using this - field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) - Using the namespace field of dataSourceRef - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the - minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but must - still be higher than capacity recorded - in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. - \n This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match - the name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -31315,9 +18229,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the - maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -31326,51 +18237,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted - for a container, it defaults to - Limits if that is explicitly specified, - otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query - over volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. items: type: string type: array @@ -31382,32 +18260,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the - name of the StorageClass required by - the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. - Value of Filesystem is implied when - not included in claim spec. type: string volumeName: - description: volumeName is the binding - reference to the PersistentVolume backing - this claim. type: string type: object required: @@ -31415,83 +18275,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and - then exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver - to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". The default filesystem depends on FlexVolume - script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field - holds extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -31499,201 +18314,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the - Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD - resource in GCE. Used to identify the disk in - GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo is - deprecated. To provision a container with a git - repo, mount an EmptyDir into an InitContainer that - clones the repo using git, then mount the EmptyDir - into the Pod''s container.' properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will be - the git repository. Otherwise, if specified, - the volume will contain the git repository in - the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used - for system agents or other privileged things that - are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount - host directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether - support iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified - Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for - iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -31701,159 +18403,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS - export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets - host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx - volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires - decimal values for mode bits. Directories within - the path are not affected by this setting. This - might be in conflict with other options that - affect the file mode, like fsGroup, and the - result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about - the configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the ConfigMap, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -31861,102 +18469,42 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be - defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile - represents information to create - the file containing the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is - written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML - accepts both octal and decimal - values, JSON requires decimal - values for mode bits. If not - specified, the volume defaultMode - will be used. This might be - in conflict with other options - that affect the file mode, like - fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. - Must be utf-8 encoded. The first - item of the relative path must - not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the - output format of the exposed - resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -31968,57 +18516,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the Secret, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -32026,50 +18533,19 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify - whether the Secret or its key must - be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to - project properties: audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself with - an identifier specified in the audience - of the token, and otherwise should - reject the token. The audience defaults - to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of - the service account token. As the - token approaches expiration, the kubelet - volume plugin will proactively rotate - the service account token. The kubelet - will start trying to rotate the token - if the token is older than 80 percent - of its time to live or if the token - is older than 24 hours.Defaults to - 1 hour and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to - project the token into. type: string required: - path @@ -32078,161 +18554,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on - the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Default is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured - storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage - system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -32240,62 +18631,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -32303,83 +18651,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to - use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override - the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will - be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage - Policy Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -32389,65 +18690,32 @@ spec: - volumeSource type: object inmemory: - description: 'InMemory storage driver is for purely tests - purposes. This driver is an implementation of the storagedriver.StorageDriver - interface which uses local memory for object storage. If - you would like to run a registry from volatile memory, use - the filesystem driver on a ramdisk. IMPORTANT: This storage - driver does not persist data across runs. This is why it - is only suitable for testing. Never use this driver in production. - See: https://docs.docker.com/registry/storage-drivers/inmemory/' type: object s3: - description: 'An implementation of the storagedriver.StorageDriver - interface which uses Amazon S3 or S3 compatible services - for object storage. See: https://docs.docker.com/registry/storage-drivers/s3/' properties: accesskey: - description: The AWS Access Key. If you use IAM roles, - omit to fetch temporary credentials from IAM. type: string bucket: - description: The bucket name in which you want to store - the registry’s data. type: string certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string chunksize: - description: The S3 API requires multipart upload chunks - to be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the - image in encrypted format or not. A boolean value. type: boolean keyid: - description: KMS key ID to use for encryption (encrypt - must be true, or this parameter is ignored). type: string region: - description: The AWS region in which your bucket exists. - For the moment, the Go AWS library in use does not use - the newer DNS based bucket routing. For a list of regions, - see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html type: string regionendpoint: - description: Endpoint for S3 compatible storage services - (Minio, etc). type: string rootdirectory: - description: This is a prefix that is applied to all S3 - keys to allow you to segment data in your bucket if - necessary. type: string secretkeyRef: - description: Reference to the secret containing the AWS - Secret Key. If you use IAM roles, omit to fetch temporary - credentials from IAM. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string secure: @@ -32455,65 +18723,37 @@ spec: type: boolean skipverify: default: false - description: Skips TLS verification when the value is - set to true. type: boolean storageclass: default: STANDARD - description: The S3 storage class applied to each registry - file. type: string v4auth: default: true - description: Indicates whether the registry uses Version - 4 of AWS’s authentication. type: boolean required: - bucket - region type: object swift: - description: 'An implementation of the storagedriver.StorageDriver - interface that uses OpenStack Swift for object storage. - See: https://docs.docker.com/registry/storage-drivers/swift/' properties: accesskey: - description: The access key to generate temporary URLs. - It is used by HP Cloud Object Storage in addition to - the secretkey parameter. type: string authurl: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string authversion: - description: Specify the OpenStack Auth’s version, for - example 3. By default the driver autodetects the auth’s - version from the authurl. type: string chunksize: - description: Size of the data segments for the Swift Dynamic - Large Objects. This value should be a number. format: int64 minimum: 5242880 type: integer container: - description: The name of your Swift container where you - wish to store the registry’s data. The driver creates - the named container during its initialization. type: string domain: - description: Your Openstack domain name for Identity v3 - API. You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 - API. You can either use domain or domainid. type: string endpointtype: default: public - description: The endpoint type used when connecting to - swift. enum: - public - internal @@ -32521,40 +18761,24 @@ spec: type: string insecureskipverify: default: false - description: Skips TLS verification if the value is set - to true. type: boolean passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: This is a prefix that is applied to all Swift - keys to allow you to segment data in your container - if necessary. Defaults to the container’s root. type: string region: - description: The Openstack region in which your container - exists. type: string secretkeyRef: - description: The secret key used to generate temporary - URLs. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tenant: - description: Your Openstack tenant name. You can either - use tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either - use tenant or tenantid. type: string trustid: - description: Your Openstack trust ID for Identity v3 API. type: string username: - description: The Openstack user name. type: string required: - authurl @@ -32599,7 +18823,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -32607,42 +18830,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -32669,28 +18868,17 @@ spec: - storage type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -32701,8 +18889,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -32715,7 +18901,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -32746,22 +18931,14 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: Registry is the Schema for the registries API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: RegistrySpec defines the desired state of Registry. See https://docs.docker.com/registry/configuration/ properties: authentication: properties: @@ -32913,12 +19090,6 @@ spec: http: properties: debug: - description: Use debug option to configure a debug server that - can be helpful in diagnosing problems. The debug endpoint can - be used for monitoring registry metrics and health, as well - as profiling. Sensitive information may be available via the - debug endpoint. Please be certain that access to the debug endpoint - is locked down in a production environment. properties: port: default: 5001 @@ -32937,8 +19108,6 @@ spec: type: object type: object drainTimeout: - description: Amount of time to wait for HTTP connections to drain - before shutting down after registry receives SIGTERM signal pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string headers: @@ -32949,26 +19118,10 @@ spec: default: X-Content-Type-Options: - nosniff - description: 'Use this option to specify headers that the HTTP - server should include in responses. This can be used for security - headers such as Strict-Transport-Security. The headers option - should contain an option for each header to include, where the - parameter name is the header’s name, and the parameter value - a list of the header’s payload values. Including X-Content-Type-Options: - [nosniff] is recommended, sothat browsers will not interpret - content as HTML if they are directed to load a page from the - registry. This header is included in the example configuration - file.' type: object host: - description: A fully-qualified URL for an externally-reachable - address for the registry. If present, it is used when creating - generated URLs. Otherwise, these URLs are derived from client - requests. type: string http2: - description: Use the http2 structure to control http2 settings - for the registry. properties: disabled: default: false @@ -32976,40 +19129,20 @@ spec: type: object net: default: tcp - description: The network used to create a listening socket. enum: - unix - tcp type: string prefix: - description: If the server does not run at the root path, set - this to the value of the prefix. The root path is the section - before v2. It requires both preceding and trailing slashes, - such as in the example /path/. pattern: (/(.+/)?)? type: string relativeURLs: default: true - description: If true, the registry returns relative URLs in Location - headers. The client is responsible for resolving the correct - URL. This option is not compatible with Docker 1.7 and earlier. type: boolean secretRef: - description: The secret name containing a random piece of data - used to sign state that may be stored with the client to protect - against tampering. For production environments you should generate - a random piece of data using a cryptographically secure random - generator. If you omit the secret, the registry will automatically - generate a secret when it starts. If you are building a cluster - of registries behind a load balancer, you MUST ensure the secret - is the same for all registries. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tls: - description: Use this to configure TLS for the server. If you - already have a web server running on the same host as the registry, - you may prefer to configure TLS on that web server and proxy - connections to the registry server. properties: certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' @@ -33017,10 +19150,8 @@ spec: type: object type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -33028,12 +19159,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -33055,7 +19182,6 @@ spec: type: object formatter: default: text - description: RegistryLogFormatter is the log formatter for Registry. enum: - text - json @@ -33081,7 +19207,6 @@ spec: type: array level: default: info - description: RegistryLogLevel is the log level for Registry. enum: - debug - info @@ -33132,24 +19257,17 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object notifications: + default: {} properties: endpoints: - description: The endpoints structure contains a list of named - services (URLs) that can accept event notifications. items: properties: backoff: @@ -33158,8 +19276,6 @@ spec: type: string disabled: default: false - description: If true, notifications are disabled for the - service. type: boolean headers: additionalProperties: @@ -33183,7 +19299,6 @@ spec: type: string type: array name: - description: A human-readable name for the service. type: string threshold: default: 3 @@ -33192,14 +19307,9 @@ spec: type: integer timeout: default: 5s - description: A value for the HTTP timeout. A positive integer - and an optional suffix indicating the unit of time, which - may be ns, us, ms, s, m, or h. If you omit the unit of - time, ns is used. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string url: - description: The URL to which events should be published. pattern: https?://.+ type: string required: @@ -33208,6 +19318,7 @@ spec: type: object type: array events: + default: {} properties: includeReferences: default: true @@ -33235,13 +19346,10 @@ spec: redis: properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 @@ -33250,12 +19358,9 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string host: - description: Server hostname. minLength: 1 type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string pool: @@ -33276,7 +19381,6 @@ spec: type: integer type: object port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 @@ -33285,7 +19389,6 @@ spec: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string sentinelMasterSet: - description: for Sentinel MasterSet. type: string writeTimeout: pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? @@ -33294,9 +19397,6 @@ spec: - host type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer @@ -33305,21 +19405,11 @@ spec: type: string type: object resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -33335,8 +19425,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -33345,15 +19433,9 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string storage: properties: @@ -33374,9 +19456,6 @@ spec: driver: properties: azure: - description: 'An implementation of the storagedriver.StorageDriver - interface which uses Microsoft Azure Blob Storage for object - storage. See: https://docs.docker.com/registry/storage-drivers/azure/' properties: accountkeyRef: type: string @@ -33392,9 +19471,6 @@ spec: type: string type: object filesystem: - description: 'FileSystem is an implementation of the storagedriver.StorageDriver - interface which uses the local filesystem. The local filesystem - can be a remote volume. See: https://docs.docker.com/registry/storage-drivers/filesystem/' properties: maxthreads: default: 100 @@ -33404,247 +19480,105 @@ spec: prefix: type: string volumeSource: - description: Represents the source of a volume to mount. - Only one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS - Disk resource that is attached to a kubelet''s host - machine and then exposed to the pod. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the - readOnly setting in VolumeMounts. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More - info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk - mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching - mode: None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data - disk in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in - the blob storage type: string fsType: - description: fsType is Filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: - multiple blob disks per storage account Dedicated: - single blob disk per storage account Managed: - azure managed data disk (only in managed availability - set). defaults to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret - that contains Azure Storage Account Name and - Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on - the host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is - a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default - is /' type: string readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. More info: - https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile - is the path to key ring for User, default is - /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef - is reference to the authentication secret for - User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: - https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to - a secret object containing parameters used to - connect to OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that - should populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -33652,156 +19586,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your - admin for the correct name as registered in - the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is - passed to the associated CSI driver which will - determine the default filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference - to the secret object containing sensitive information - to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if - no secret is required. If the secret object - contains more than one secret, all secret references - are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. - Consult your driver's documentation for supported - values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' properties: apiVersion: - description: Version of the schema the - FieldPath is written in terms of, - defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to - set permissions on this file, must be - an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML - accepts both octal and decimal values, - JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' - path. Must be utf-8 encoded. The first - item of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the - container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu - and requests.memory) are currently supported.' properties: containerName: - description: 'Container name: required - for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults - to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to - select' type: string required: - resource @@ -33813,132 +19657,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default - is "" which means to use the node''s default - medium. Must be an empty string (default) or - Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of - local storage required for this EmptyDir volume. - The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir - would be the minimum value between the SizeLimit - specified here and the sum of memory limits - of all containers in a pod. The default is nil - which means that the limit is undefined. More - info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is - handled by a cluster storage driver. The volume's - lifecycle is tied to the pod that defines it - it - will be created before the pod starts, and deleted - when the pod is removed. \n Use this if: a) the - volume is only needed while the pod runs, b) features - of normal volumes like restoring from snapshot or - capacity tracking are needed, c) the storage driver - is specified through a storage class, and d) the - storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that - way - see the documentation of the driver for more - information. \n A pod can use both types of ephemeral - volumes and persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which - this EphemeralVolumeSource is embedded will - be the owner of the PVC, i.e. the PVC will be - deleted together with the pod. The name of - the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the - pod if the concatenated name is not valid for - a PVC (for example, too long). \n An existing - PVC with that name that is not owned by the - pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting - the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has to - updated with an owner reference to the pod once - the pod exists. Normally this should not be - necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field - is read-only and no changes will be made by - Kubernetes to the PVC after it has been created. - \n Required, must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will - be rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the - desired access modes the volume should - have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be - used to specify either: * An existing - VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, - it will create a new volume based on - the contents of the specified data source. - When the AnyVolumeDataSource feature - gate is enabled, dataSource contents - will be copied to dataSourceRef, and - dataSourceRef contents will be copied - to dataSource when dataSourceRef.namespace - is not specified. If the namespace is - specified, then dataSourceRef will not - be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -33946,106 +19693,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies - the object from which to populate the - volume with data, if a non-empty volume - is desired. This may be any object from - a non-empty API group (non core object) - or a PersistentVolumeClaim object. When - this field is specified, volume binding - will only succeed if the type of the - specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such - if both fields are non-empty, they must - have the same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other - is non-empty. When namespace is specified - in dataSourceRef, dataSource isn''t - set to the same value and must be empty. - There are three important differences - between dataSource and dataSourceRef: - * While dataSource only allows two specific - types of objects, dataSourceRef allows - any non-core object, as well as PersistentVolumeClaim - objects. * While dataSource ignores - disallowed values (dropping them), dataSourceRef - preserves all values, and generates - an error if a disallowed value is specified. - * While dataSource only allows local - objects, dataSourceRef allows objects - in any namespaces. (Beta) Using this - field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) - Using the namespace field of dataSourceRef - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled.' properties: apiGroup: - description: APIGroup is the group - for the resource being referenced. - If APIGroup is not specified, the - specified Kind must be in the core - API group. For any other third-party - types, APIGroup is required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note - that when a namespace is specified, - a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent - namespace to allow that namespace's - owner to accept the reference. See - the ReferenceGrant documentation - for details. (Alpha) This field - requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the - minimum resources the volume should - have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed - to specify resource requirements that - are lower than previous value but must - still be higher than capacity recorded - in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names - of resources, defined in spec.resourceClaims, - that are used by this container. - \n This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match - the name of one entry in pod.spec.resourceClaims - of the Pod where this field - is used. It makes that resource - available inside a container. type: string required: - name @@ -34061,9 +19727,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the - maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -34072,51 +19735,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the - minimum amount of compute resources - required. If Requests is omitted - for a container, it defaults to - Limits if that is explicitly specified, - otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query - over volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label - key that the selector applies - to. type: string operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. items: type: string type: array @@ -34128,32 +19758,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the - name of the StorageClass required by - the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. - Value of Filesystem is implied when - not included in claim spec. type: string volumeName: - description: volumeName is the binding - reference to the PersistentVolume backing - this claim. type: string type: object required: @@ -34161,83 +19773,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine and - then exposed to the pod. properties: fsType: - description: 'fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. TODO: how do we prevent errors - in the filesystem from compromising the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target - worldwide names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world - wide identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume - resource that is provisioned/attached using an exec - based plugin. properties: driver: - description: driver is the name of the driver - to use for this volume. type: string fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". The default filesystem depends on FlexVolume - script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field - holds extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to - false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret object - is specified. If the secret object contains - more than one secret, all secrets are passed - to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -34245,201 +19812,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the - Flocker control service being running properties: datasetName: - description: datasetName is Name of the dataset - stored as metadata -> name on the dataset for - Flocker should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the - volume that you want to mount. If omitted, the - default is to mount by volume name. Examples: - For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for - /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD - resource in GCE. Used to identify the disk in - GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo is - deprecated. To provision a container with a git - repo, mount an EmptyDir into an InitContainer that - clones the repo using git, then mount the EmptyDir - into the Pod''s container.' properties: directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory will be - the git repository. Otherwise, if specified, - the volume will contain the git repository in - the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the - specified revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount - on the host that shares a pod''s lifetime. More - info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly - exposed to the container. This is generally used - for system agents or other privileged things that - are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use - host directory mounts and who can/can not mount - host directories as read/write.' properties: path: - description: 'path of the directory on the host. - If the path is a symlink, it will follow the - link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and - then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether - support iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI - Initiator Name. If initiatorName is specified - with iscsiInterface simultaneously, new iSCSI - interface : will - be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified - Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal - List. The portal is either an IP or ip_addr:port - if the port is other than default (typically - TCP ports 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for - iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if - the port is other than default (typically TCP - ports 860 and 3260). type: string required: - iqn @@ -34447,159 +19901,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS - server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS - export to be mounted with read-only permissions. - Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same - namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this - volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets - host machine properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx - volume attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type supported - by the host operating system. Ex. "ext4", "xfs". - Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 - or a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires - decimal values for mode bits. Directories within - the path are not affected by this setting. This - might be in conflict with other options that - affect the file mode, like fsGroup, and the - result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected - along with other supported volume types properties: configMap: - description: configMap information about - the configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced ConfigMap will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the ConfigMap, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -34607,102 +19967,42 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether - the ConfigMap or its keys must be - defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about - the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile - represents information to create - the file containing the pod field properties: fieldRef: - description: 'Required: Selects - a field of the pod: only annotations, - labels, name and namespace are - supported.' properties: apiVersion: - description: Version of the - schema the FieldPath is - written in terms of, defaults - to "v1". type: string fieldPath: - description: Path of the field - to select in the specified - API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML - accepts both octal and decimal - values, JSON requires decimal - values for mode bits. If not - specified, the volume defaultMode - will be used. This might be - in conflict with other options - that affect the file mode, like - fsGroup, and the result can - be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file - to be created. Must not be absolute - or contain the ''..'' path. - Must be utf-8 encoded. The first - item of the relative path must - not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource - of the container: only resources - limits and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are currently - supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the - output format of the exposed - resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -34714,57 +20014,16 @@ spec: type: array type: object secret: - description: secret information about the - secret data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of - the referenced Secret will be projected - into the volume as a file whose name - is the key and content is the value. - If specified, the listed keys will - be projected into the specified paths, - and unlisted keys will not be present. - If a key is specified which is not - present in the Secret, the volume - setup will error unless it is marked - optional. Paths must be relative and - may not contain the '..' path or start - with '..'. items: - description: Maps a string key to - a path within a volume. properties: key: - description: key is the key to - project. type: string mode: - description: 'mode is Optional: - mode bits used to set permissions - on this file. Must be an octal - value between 0000 and 0777 - or a decimal value between 0 - and 511. YAML accepts both octal - and decimal values, JSON requires - decimal values for mode bits. - If not specified, the volume - defaultMode will be used. This - might be in conflict with other - options that affect the file - mode, like fsGroup, and the - result can be other mode bits - set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the - key to. May not be an absolute - path. May not contain the path - element '..'. May not start - with the string '..'. type: string required: - key @@ -34772,50 +20031,19 @@ spec: type: object type: array name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify - whether the Secret or its key must - be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to - project properties: audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself with - an identifier specified in the audience - of the token, and otherwise should - reject the token. The audience defaults - to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the - requested duration of validity of - the service account token. As the - token approaches expiration, the kubelet - volume plugin will proactively rotate - the service account token. The kubelet - will start trying to rotate the token - if the token is older than 80 percent - of its time to live or if the token - is older than 24 hours.Defaults to - 1 hour and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative - to the mount point of the file to - project the token into. type: string required: - path @@ -34824,161 +20052,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on - the host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references - an already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of - the volume that you want to mount. Tip: Ensure - that the filesystem type is supported by the - host operating system. Examples: "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring - for RBDUser. Default is /etc/ceph/keyring. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Default is "xfs". type: string gateway: - description: gateway is the host address of the - ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the - ScaleIO Protection Domain for the configured - storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret - for ScaleIO user and other sensitive information. - If this is not provided, Login operation will - fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL - communication with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage - Pool associated with the protection domain. type: string system: - description: system is the name of the storage - system as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume - already created in the ScaleIO system that is - associated with this volume source. type: string required: - gateway @@ -34986,62 +20129,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should - populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. type: string required: - key @@ -35049,83 +20149,36 @@ spec: type: object type: array optional: - description: optional field specify whether the - Secret or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to - mount. Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs", - "ntfs". Implicitly inferred to be "ext4" if - unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting - in VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to - use for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume names - are only unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope - of the volume within StorageOS. If no namespace - is specified then the Pod's namespace will be - used. This allows the Kubernetes name scoping - to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override - the default behaviour. Set to "default" if you - are not using namespaces within StorageOS. Namespaces - that do not pre-exist within StorageOS will - be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated - with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage - Policy Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -35135,34 +20188,19 @@ spec: - volumeSource type: object gcs: - description: An implementation of the storagedriver.StorageDriver - interface which uses Google Cloud for object storage. https://docs.docker.com/registry/storage-drivers/gcs/ properties: bucket: - description: bucket to store charts for Gcs storage type: string chunkSize: type: string keyDataRef: - description: The base64 encoded json file which contains - the key type: string pathPrefix: type: string type: object inmemory: - description: 'InMemory storage driver is for purely tests - purposes. This driver is an implementation of the storagedriver.StorageDriver - interface which uses local memory for object storage. If - you would like to run a registry from volatile memory, use - the filesystem driver on a ramdisk. IMPORTANT: This storage - driver does not persist data across runs. This is why it - is only suitable for testing. Never use this driver in production. - See: https://docs.docker.com/registry/storage-drivers/inmemory/' type: object oss: - description: An implementation of the storagedriver.StorageDriver - interface which uses Alibaba Cloud for object storage. https://docs.docker.com/registry/storage-drivers/oss/ properties: accessKeyID: type: string @@ -35171,15 +20209,11 @@ spec: bucket: type: string chunksize: - description: The Oss API requires multipart upload chunks - to be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the - image in encrypted format or not. A boolean value. type: boolean endpoint: type: string @@ -35201,35 +20235,22 @@ spec: - region type: object s3: - description: 'An implementation of the storagedriver.StorageDriver - interface which uses Amazon S3 or S3 compatible services - for object storage. See: https://docs.docker.com/registry/storage-drivers/s3/' properties: accesskey: - description: The AWS Access Key. If you use IAM roles, - omit to fetch temporary credentials from IAM. type: string bucket: - description: The bucket name in which you want to store - the registry’s data. type: string certificateRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string chunksize: - description: The S3 API requires multipart upload chunks - to be at least 5MB. format: int64 minimum: 5242880 type: integer encrypt: default: false - description: Specifies whether the registry stores the - image in encrypted format or not. A boolean value. type: boolean keyid: - description: KMS key ID to use for encryption (encrypt - must be true, or this parameter is ignored). type: string multipartcopychunksize: format: int64 @@ -35241,24 +20262,12 @@ spec: format: int64 type: integer region: - description: The AWS region in which your bucket exists. - For the moment, the Go AWS library in use does not use - the newer DNS based bucket routing. For a list of regions, - see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html type: string regionendpoint: - description: Endpoint for S3 compatible storage services - (Minio, etc). type: string rootdirectory: - description: This is a prefix that is applied to all S3 - keys to allow you to segment data in your bucket if - necessary. type: string secretkeyRef: - description: Reference to the secret containing the AWS - Secret Key. If you use IAM roles, omit to fetch temporary - credentials from IAM. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string secure: @@ -35266,65 +20275,37 @@ spec: type: boolean skipverify: default: false - description: Skips TLS verification when the value is - set to true. type: boolean storageclass: default: STANDARD - description: The S3 storage class applied to each registry - file. type: string v4auth: default: true - description: Indicates whether the registry uses Version - 4 of AWS’s authentication. type: boolean required: - bucket - region type: object swift: - description: 'An implementation of the storagedriver.StorageDriver - interface that uses OpenStack Swift for object storage. - See: https://docs.docker.com/registry/storage-drivers/swift/' properties: accesskey: - description: The access key to generate temporary URLs. - It is used by HP Cloud Object Storage in addition to - the secretkey parameter. type: string authurl: - description: URL for obtaining an auth token. https://storage.myprovider.com/v2.0 - or https://storage.myprovider.com/v3/auth type: string authversion: - description: Specify the OpenStack Auth’s version, for - example 3. By default the driver autodetects the auth’s - version from the authurl. type: string chunksize: - description: Size of the data segments for the Swift Dynamic - Large Objects. This value should be a number. format: int64 minimum: 5242880 type: integer container: - description: The name of your Swift container where you - wish to store the registry’s data. The driver creates - the named container during its initialization. type: string domain: - description: Your Openstack domain name for Identity v3 - API. You can either use domain or domainid. type: string domainID: - description: Your Openstack domain ID for Identity v3 - API. You can either use domain or domainid. type: string endpointtype: default: public - description: The endpoint type used when connecting to - swift. enum: - public - internal @@ -35332,40 +20313,24 @@ spec: type: string insecureskipverify: default: false - description: Skips TLS verification if the value is set - to true. type: boolean passwordRef: - description: Secret name containing the Openstack password. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string prefix: - description: This is a prefix that is applied to all Swift - keys to allow you to segment data in your container - if necessary. Defaults to the container’s root. type: string region: - description: The Openstack region in which your container - exists. type: string secretkeyRef: - description: The secret key used to generate temporary - URLs. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string tenant: - description: Your Openstack tenant name. You can either - use tenant or tenantid. type: string tenantID: - description: Your Openstack tenant ID. You can either - use tenant or tenantid. type: string trustid: - description: Your Openstack trust ID for Identity v3 API. type: string username: - description: The Openstack user name. type: string required: - authurl @@ -35410,7 +20375,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -35418,42 +20382,18 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -35462,41 +20402,31 @@ spec: attributes: additionalProperties: type: string - description: A key value dict contains user defined attributes - used to initialize trace provider. type: object enabled: default: false - description: Enable tracing or not. type: boolean jaeger: properties: agent: properties: host: - description: The host of the jaeger agent. type: string port: - description: The port of the jaeger agent. type: integer type: object collector: properties: endpoint: - description: The endpoint of the jaeger collector. type: string passwordRef: - description: The password secret reference name of the - jaeger collector. type: string username: - description: The username of the jaeger collector. type: string required: - endpoint type: object mode: - description: 'The jaeger mode: ''collector'' or ''agent''.' enum: - collector - agent @@ -35505,43 +20435,31 @@ spec: - mode type: object namespace: - description: Namespace used to differentiate different harbor - services. type: string otel: properties: compression: - description: Whether enable compression or not for otel. type: boolean endpoint: - description: The endpoint of otel. type: string insecure: - description: Whether establish insecure connection or not - for otel. type: boolean timeout: default: 10s - description: The timeout of otel. type: string urlPath: - description: The URL path of otel. type: string required: - endpoint - urlPath type: object provider: - description: 'The tracing provider: ''jaeger'' or ''otel''.' enum: - jaeger - otel type: string sampleRate: default: 1 - description: Set `sampleRate` to 1 if you wanna sampling 100% - of trace data; set 0.5 if you wanna sampling 50% of trace data, - and so forth. type: integer required: - provider @@ -35572,28 +20490,17 @@ spec: - storage type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -35604,8 +20511,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -35618,7 +20523,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -35641,7 +20545,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 @@ -35685,22 +20589,14 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: RegistryController is the Schema for the RegistryController API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: RegistryControllerSpec defines the desired state of RegistryController. properties: authentication: properties: @@ -35712,10 +20608,8 @@ spec: type: string type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -35723,12 +20617,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -35737,7 +20627,6 @@ spec: properties: level: default: info - description: RegistryCtlLogLevel is the log level for RegistryController. enum: - debug - info @@ -35749,36 +20638,20 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object registryRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -35794,8 +20667,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -35804,20 +20675,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -35831,42 +20695,18 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -35875,27 +20715,17 @@ spec: - registryRef type: object status: - description: Most recently observed status. properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -35906,8 +20736,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -35920,7 +20748,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -35949,22 +20776,14 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: RegistryController is the Schema for the RegistryController API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: RegistryControllerSpec defines the desired state of RegistryController. properties: authentication: properties: @@ -35976,10 +20795,8 @@ spec: type: string type: object image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -35987,12 +20804,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -36001,7 +20814,6 @@ spec: properties: level: default: info - description: RegistryCtlLogLevel is the log level for RegistryController. enum: - debug - info @@ -36014,45 +20826,26 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object registryRef: pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -36068,8 +20861,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -36078,20 +20869,13 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -36105,42 +20889,18 @@ spec: type: string type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array @@ -36149,27 +20909,17 @@ spec: - registryRef type: object status: - description: Most recently observed status. properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -36180,8 +20930,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -36194,7 +20942,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -36212,7 +20959,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: harbor-operator-ns/serving-cert - controller-gen.kubebuilder.io/version: v0.9.2 + controller-gen.kubebuilder.io/version: v0.14.0 goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 @@ -36256,32 +21003,22 @@ spec: name: v1alpha3 schema: openAPIV3Schema: - description: Trivy is the Schema for the Trivy API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: TrivySpec defines the desired state of Trivy. properties: certificateRefs: items: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -36289,12 +21026,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -36305,7 +21038,6 @@ spec: properties: level: default: info - description: TrivyLogLevel is the log level for Trivy. enum: - debug - info @@ -36318,9 +21050,6 @@ spec: nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object proxy: properties: @@ -36341,120 +21070,82 @@ spec: type: array type: object redis: - description: Redis cache store properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string jobs: properties: Namespace: default: harbor.scanner.trivy:job-queue - description: The namespace for keys in the scan jobs queue - backed by Redis type: string scanTTL: default: 1h - description: The time to live for persisting scan jobs and - associated scan reports pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object namespace: default: harbor.scanner.trivy:store - description: The namespace for keys in the Redis store type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string pool: properties: connectionTimeout: default: 1s - description: The timeout for connecting to the Redis server pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string idleTimeout: default: 5m - description: The duration after which idle connections to - the Redis server are closed. If the value is zero, then - idle connections are not closed. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string maxActive: default: 5 - description: The max number of connections allocated by the - Redis connection pool minimum: 0 type: integer maxIdle: default: 5 - description: The max number of idle connections in the Redis - connection pool minimum: 0 type: integer readTimeout: default: 1s - description: The timeout for reading a single Redis command - reply pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string writeTimeout: default: 1s - description: The timeout for writing a single Redis command pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -36470,8 +21161,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -36480,10 +21169,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object server: @@ -36494,30 +21179,23 @@ spec: type: array debugMode: default: false - description: The flag to enable or disable Trivy debug mode type: boolean idleTimeout: default: 60s - description: Idle timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string ignoreUnfixed: default: false - description: The flag to display only fixed vulnerabilities type: boolean insecure: default: false - description: The flag to skip verifying registry certificate type: boolean proxy: properties: URL: - description: The URL of the proxy server pattern: https?://.+ type: string noProxy: - description: The URLs that the proxy settings do not apply - to items: type: string type: array @@ -36526,7 +21204,6 @@ spec: type: object readTimeout: default: 15s - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string tls: @@ -36541,13 +21218,10 @@ spec: type: array writeTimeout: default: 15s - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string severities: default: @@ -36556,10 +21230,7 @@ spec: - MEDIUM - HIGH - CRITICAL - description: List of severities to be displayed items: - description: TrivyServerSeverityType represents a CVE severity type - for trivy. enum: - UNKNOWN - LOW @@ -36578,237 +21249,105 @@ spec: default: emptyDir: sizeLimit: 1Gi - description: Represents the source of a volume to mount. Only - one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in the - blob storage type: string fsType: - description: fsType is Filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure managed - data disk (only in managed availability set). defaults - to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is a - collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default is - /' type: string readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile is - the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to - OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -36816,146 +21355,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the - associated CSI driver which will determine the default - filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all - secret references are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal - value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of the - relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -36967,126 +21426,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default is - "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The size - limit is also applicable for memory medium. The - maximum usage on memory medium EmptyDir would be - the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle - is tied to the pod that defines it - it will be created - before the pod starts, and deleted when the pod is removed. - \n Use this if: a) the volume is only needed while the - pod runs, b) features of normal volumes like restoring - from snapshot or capacity tracking are needed, c) the - storage driver is specified through a storage class, - and d) the storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral volumes - if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. - \n A pod can use both types of ephemeral volumes and - persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which this - EphemeralVolumeSource is embedded will be the owner - of the PVC, i.e. the PVC will be deleted together - with the pod. The name of the PVC will be `-` where `` is the - name from the `PodSpec.Volumes` array entry. Pod - validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). - \n An existing PVC with that name that is not owned - by the pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting the - pod is then blocked until the unrelated PVC is removed. - If such a pre-created PVC is meant to be used by - the pod, the PVC has to updated with an owner reference - to the pod once the pod exists. Normally this should - not be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field is - read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource contents - will be copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource when - dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -37094,100 +21462,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume - binding will only succeed if the type of - the specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such if both - fields are non-empty, they must have the - same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other is - non-empty. When namespace is specified in - dataSourceRef, dataSource isn''t set to - the same value and must be empty. There - are three important differences between - dataSource and dataSourceRef: * While dataSource - only allows two specific types of objects, - dataSourceRef allows any non-core object, - as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves - all values, and generates an error if a - disallowed value is specified. * While dataSource - only allows local objects, dataSourceRef - allows objects in any namespaces. (Beta) - Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note that - when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. (Alpha) This - field requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are lower - than previous value but must still be higher - than capacity recorded in the status field - of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of - resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field is - used. It makes that resource available - inside a container. type: string required: - name @@ -37203,9 +21496,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -37214,47 +21504,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label key - that the selector applies to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -37266,29 +21527,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -37296,80 +21542,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. properties: driver: - description: driver is the name of the driver to use - for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. If - the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -37377,194 +21581,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset stored - as metadata -> name on the dataset for Flocker should - be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at a - particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an EmptyDir - into an InitContainer that clones the repo using git, - then mount the EmptyDir into the Pod''s container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the specified - revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly exposed - to the container. This is generally used for system - agents or other privileged things that are allowed to - see the host machine. Most containers will NOT need - this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' properties: path: - description: 'path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults to - "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal List. - The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). type: string required: - iqn @@ -37572,153 +21670,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to - set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. Directories within the path are not - affected by this setting. This might be in conflict - with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along - with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced ConfigMap will be projected - into the volume as a file whose name is - the key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or start - with '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -37726,97 +21736,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether the - ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the - downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a - field of the pod: only annotations, - labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified API - version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -37828,53 +21783,16 @@ spec: type: array type: object secret: - description: secret information about the secret - data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -37882,46 +21800,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The - kubelet will start trying to rotate the - token if the token is older than 80 percent - of its time to live or if the token is - older than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative to - the mount point of the file to project - the token into. type: string required: - path @@ -37930,159 +21821,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references an - already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the ScaleIO - API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret for - ScaleIO user and other sensitive information. If - this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage Pool - associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated - with this volume source. type: string required: - gateway @@ -38090,58 +21898,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the Secret, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -38149,81 +21918,36 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret - or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is - specified then the Pod's namespace will be used. This - allows the Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated with - the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -38238,237 +21962,105 @@ spec: default: emptyDir: sizeLimit: 1Gi - description: Represents the source of a volume to mount. Only - one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in the - blob storage type: string fsType: - description: fsType is Filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure managed - data disk (only in managed availability set). defaults - to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is a - collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default is - /' type: string readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile is - the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to - OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -38476,146 +22068,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the - associated CSI driver which will determine the default - filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all - secret references are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal - value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of the - relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -38627,126 +22139,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default is - "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The size - limit is also applicable for memory medium. The - maximum usage on memory medium EmptyDir would be - the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle - is tied to the pod that defines it - it will be created - before the pod starts, and deleted when the pod is removed. - \n Use this if: a) the volume is only needed while the - pod runs, b) features of normal volumes like restoring - from snapshot or capacity tracking are needed, c) the - storage driver is specified through a storage class, - and d) the storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral volumes - if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. - \n A pod can use both types of ephemeral volumes and - persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which this - EphemeralVolumeSource is embedded will be the owner - of the PVC, i.e. the PVC will be deleted together - with the pod. The name of the PVC will be `-` where `` is the - name from the `PodSpec.Volumes` array entry. Pod - validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). - \n An existing PVC with that name that is not owned - by the pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting the - pod is then blocked until the unrelated PVC is removed. - If such a pre-created PVC is meant to be used by - the pod, the PVC has to updated with an owner reference - to the pod once the pod exists. Normally this should - not be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field is - read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource contents - will be copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource when - dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -38754,100 +22175,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume - binding will only succeed if the type of - the specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such if both - fields are non-empty, they must have the - same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other is - non-empty. When namespace is specified in - dataSourceRef, dataSource isn''t set to - the same value and must be empty. There - are three important differences between - dataSource and dataSourceRef: * While dataSource - only allows two specific types of objects, - dataSourceRef allows any non-core object, - as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves - all values, and generates an error if a - disallowed value is specified. * While dataSource - only allows local objects, dataSourceRef - allows objects in any namespaces. (Beta) - Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note that - when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. (Alpha) This - field requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are lower - than previous value but must still be higher - than capacity recorded in the status field - of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of - resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field is - used. It makes that resource available - inside a container. type: string required: - name @@ -38863,9 +22209,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -38874,47 +22217,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label key - that the selector applies to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -38926,29 +22240,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -38956,80 +22255,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. properties: driver: - description: driver is the name of the driver to use - for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. If - the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -39037,194 +22294,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset stored - as metadata -> name on the dataset for Flocker should - be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at a - particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an EmptyDir - into an InitContainer that clones the repo using git, - then mount the EmptyDir into the Pod''s container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the specified - revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly exposed - to the container. This is generally used for system - agents or other privileged things that are allowed to - see the host machine. Most containers will NOT need - this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' properties: path: - description: 'path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults to - "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal List. - The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). type: string required: - iqn @@ -39232,153 +22383,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to - set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. Directories within the path are not - affected by this setting. This might be in conflict - with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along - with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced ConfigMap will be projected - into the volume as a file whose name is - the key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or start - with '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -39386,97 +22449,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether the - ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the - downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a - field of the pod: only annotations, - labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified API - version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -39488,53 +22496,16 @@ spec: type: array type: object secret: - description: secret information about the secret - data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -39542,46 +22513,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The - kubelet will start trying to rotate the - token if the token is older than 80 percent - of its time to live or if the token is - older than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative to - the mount point of the file to project - the token into. type: string required: - path @@ -39590,159 +22534,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references an - already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the ScaleIO - API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret for - ScaleIO user and other sensitive information. If - this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage Pool - associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated - with this volume source. type: string required: - gateway @@ -39750,58 +22611,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the Secret, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -39809,81 +22631,36 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret - or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is - specified then the Pod's namespace will be used. This - allows the Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated with - the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -39897,7 +22674,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -39905,65 +22681,34 @@ spec: description: Custom Labels to be added into the pods type: object tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array update: properties: githubTokenRef: - description: The GitHub access token to download Trivy DB (see - GitHub rate limiting) type: string skip: default: false - description: The flag to enable or disable Trivy DB downloads - from GitHub type: boolean type: object vulnerabilityTypes: default: - os - library - description: Comma-separated list of vulnerability types. items: - description: TrivyServerVulnerabilityType represents a CVE vulnerability - type for trivy. enum: - os - library @@ -39974,28 +22719,17 @@ spec: - storage type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -40006,8 +22740,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -40020,7 +22752,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -40049,32 +22780,22 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: Trivy is the Schema for the Trivy API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: TrivySpec defines the desired state of Trivy. properties: certificateRefs: items: type: string type: array image: - description: Image name for the component. type: string imagePullPolicy: - description: 'Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' enum: - Always - Never @@ -40082,12 +22803,8 @@ spec: type: string imagePullSecrets: items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -40098,7 +22815,6 @@ spec: properties: level: default: info - description: TrivyLogLevel is the log level for Trivy. enum: - debug - info @@ -40112,18 +22828,12 @@ spec: properties: ipFamilies: items: - description: IPFamily represents the IP Family (IPv4 or IPv6). - This type is used to express the family of an IP expressed - by a type (e.g. service.spec.ipFamilies). type: string type: array type: object nodeSelector: additionalProperties: type: string - description: 'NodeSelector is a selector which must be true for the - component to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object offlineScan: default: false @@ -40147,120 +22857,82 @@ spec: type: array type: object redis: - description: Redis cache store properties: certificateRef: - description: Secret containing the client certificate to authenticate - with. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string database: default: 0 - description: The database number. format: int32 maximum: 8 minimum: 0 type: integer host: - description: Server hostname. minLength: 1 type: string jobs: properties: Namespace: default: harbor.scanner.trivy:job-queue - description: The namespace for keys in the scan jobs queue - backed by Redis type: string scanTTL: default: 1h - description: The time to live for persisting scan jobs and - associated scan reports pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object namespace: default: harbor.scanner.trivy:store - description: The namespace for keys in the Redis store type: string passwordRef: - description: Secret containing the password to use when connecting - to the server. pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' type: string pool: properties: connectionTimeout: default: 1s - description: The timeout for connecting to the Redis server pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string idleTimeout: default: 5m - description: The duration after which idle connections to - the Redis server are closed. If the value is zero, then - idle connections are not closed. pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string maxActive: default: 5 - description: The max number of connections allocated by the - Redis connection pool minimum: 0 type: integer maxIdle: default: 5 - description: The max number of idle connections in the Redis - connection pool minimum: 0 type: integer readTimeout: default: 1s - description: The timeout for reading a single Redis command - reply pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string writeTimeout: default: 1s - description: The timeout for writing a single Redis command pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object port: - description: Server port. exclusiveMinimum: true format: int32 minimum: 0 type: integer sentinelMasterSet: - description: for Sentinel MasterSet. type: string required: - host type: object replicas: - description: 'Replicas is the number of desired replicas. This is - a pointer to distinguish between explicit zero and unspecified. - More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller' format: int32 minimum: 0 type: integer resources: - description: 'Compute Resources required by this component. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. type: string required: - name @@ -40276,8 +22948,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -40286,10 +22956,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object server: @@ -40300,30 +22966,23 @@ spec: type: array debugMode: default: false - description: The flag to enable or disable Trivy debug mode type: boolean idleTimeout: default: 60s - description: Idle timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string ignoreUnfixed: default: false - description: The flag to display only fixed vulnerabilities type: boolean insecure: default: false - description: The flag to skip verifying registry certificate type: boolean proxy: properties: URL: - description: The URL of the proxy server pattern: https?://.+ type: string noProxy: - description: The URLs that the proxy settings do not apply - to items: type: string type: array @@ -40332,7 +22991,6 @@ spec: type: object readTimeout: default: 15s - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string tls: @@ -40347,13 +23005,10 @@ spec: type: array writeTimeout: default: 15s - description: Socket timeout pattern: ([0-9]+h)?([0-9]+m)?([0-9]+s)?([0-9]+ms)?([0-9]+us)?([0-9]+µs)?([0-9]+ns)? type: string type: object serviceAccountName: - description: 'ServiceAccountName is the name of the ServiceAccount - to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string severities: default: @@ -40362,10 +23017,7 @@ spec: - MEDIUM - HIGH - CRITICAL - description: List of severities to be displayed items: - description: TrivyServerSeverityType represents a CVE severity type - for trivy. enum: - UNKNOWN - LOW @@ -40384,237 +23036,105 @@ spec: default: emptyDir: sizeLimit: 1Gi - description: Represents the source of a volume to mount. Only - one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in the - blob storage type: string fsType: - description: fsType is Filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure managed - data disk (only in managed availability set). defaults - to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is a - collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default is - /' type: string readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile is - the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to - OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -40622,146 +23142,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the - associated CSI driver which will determine the default - filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all - secret references are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal - value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of the - relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -40773,126 +23213,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default is - "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The size - limit is also applicable for memory medium. The - maximum usage on memory medium EmptyDir would be - the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle - is tied to the pod that defines it - it will be created - before the pod starts, and deleted when the pod is removed. - \n Use this if: a) the volume is only needed while the - pod runs, b) features of normal volumes like restoring - from snapshot or capacity tracking are needed, c) the - storage driver is specified through a storage class, - and d) the storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral volumes - if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. - \n A pod can use both types of ephemeral volumes and - persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which this - EphemeralVolumeSource is embedded will be the owner - of the PVC, i.e. the PVC will be deleted together - with the pod. The name of the PVC will be `-` where `` is the - name from the `PodSpec.Volumes` array entry. Pod - validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). - \n An existing PVC with that name that is not owned - by the pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting the - pod is then blocked until the unrelated PVC is removed. - If such a pre-created PVC is meant to be used by - the pod, the PVC has to updated with an owner reference - to the pod once the pod exists. Normally this should - not be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field is - read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource contents - will be copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource when - dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -40900,100 +23249,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume - binding will only succeed if the type of - the specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such if both - fields are non-empty, they must have the - same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other is - non-empty. When namespace is specified in - dataSourceRef, dataSource isn''t set to - the same value and must be empty. There - are three important differences between - dataSource and dataSourceRef: * While dataSource - only allows two specific types of objects, - dataSourceRef allows any non-core object, - as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves - all values, and generates an error if a - disallowed value is specified. * While dataSource - only allows local objects, dataSourceRef - allows objects in any namespaces. (Beta) - Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note that - when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. (Alpha) This - field requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are lower - than previous value but must still be higher - than capacity recorded in the status field - of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of - resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field is - used. It makes that resource available - inside a container. type: string required: - name @@ -41009,9 +23283,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -41020,47 +23291,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label key - that the selector applies to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -41072,29 +23314,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -41102,80 +23329,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. properties: driver: - description: driver is the name of the driver to use - for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. If - the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -41183,194 +23368,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset stored - as metadata -> name on the dataset for Flocker should - be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at a - particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an EmptyDir - into an InitContainer that clones the repo using git, - then mount the EmptyDir into the Pod''s container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the specified - revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly exposed - to the container. This is generally used for system - agents or other privileged things that are allowed to - see the host machine. Most containers will NOT need - this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' properties: path: - description: 'path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults to - "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal List. - The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). type: string required: - iqn @@ -41378,153 +23457,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to - set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. Directories within the path are not - affected by this setting. This might be in conflict - with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along - with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced ConfigMap will be projected - into the volume as a file whose name is - the key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or start - with '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -41532,97 +23523,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether the - ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the - downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a - field of the pod: only annotations, - labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified API - version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -41634,53 +23570,16 @@ spec: type: array type: object secret: - description: secret information about the secret - data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -41688,46 +23587,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The - kubelet will start trying to rotate the - token if the token is older than 80 percent - of its time to live or if the token is - older than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative to - the mount point of the file to project - the token into. type: string required: - path @@ -41736,159 +23608,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references an - already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the ScaleIO - API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret for - ScaleIO user and other sensitive information. If - this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage Pool - associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated - with this volume source. type: string required: - gateway @@ -41896,58 +23685,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the Secret, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -41955,81 +23705,36 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret - or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is - specified then the Pod's namespace will be used. This - allows the Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated with - the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -42044,237 +23749,105 @@ spec: default: emptyDir: sizeLimit: 1Gi - description: Represents the source of a volume to mount. Only - one of its members may be specified. properties: awsElasticBlockStore: - description: 'awsElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty).' format: int32 type: integer readOnly: - description: 'readOnly value true will force the readOnly - setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: 'volumeID is unique ID of the persistent - disk resource in AWS (Amazon EBS volume). More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: - None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk - in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in the - blob storage type: string fsType: - description: fsType is Filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple - blob disks per storage account Dedicated: single - blob disk per storage account Managed: azure managed - data disk (only in managed availability set). defaults - to shared' type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: azureFile represents an Azure File Service - mount on the host and bind mount to the pod. properties: readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that - contains Azure Storage Account Name and Key type: string shareName: - description: shareName is the azure share Name type: string required: - secretName - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the - host that shares a pod's lifetime properties: monitors: - description: 'monitors is Required: Monitors is a - collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array path: - description: 'path is Optional: Used as the mounted - root, rather than the full Ceph tree, default is - /' type: string readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: 'secretFile is Optional: SecretFile is - the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: 'secretRef is Optional: SecretRef is - reference to the authentication secret for User, - default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is optional: User is the rados - user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: 'cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: 'readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: 'secretRef is optional: points to a secret - object containing parameters used to connect to - OpenStack.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: 'volumeID used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID type: object configMap: - description: configMap represents a configMap that should - populate this volume properties: defaultMode: - description: 'defaultMode is optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -42282,146 +23855,66 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string optional: - description: optional specify whether the ConfigMap - or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). properties: driver: - description: driver is the name of the CSI driver - that handles this volume. Consult with your admin - for the correct name as registered in the cluster. type: string fsType: - description: fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the - associated CSI driver which will determine the default - filesystem to apply. type: string nodePublishSecretRef: - description: nodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all - secret references are passed. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: readOnly specifies a read-only configuration - for the volume. Defaults to false (read/write). type: boolean volumeAttributes: additionalProperties: type: string - description: volumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. type: object required: - driver type: object downwardAPI: - description: downwardAPI represents downward API about - the pod that should populate this volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits - used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: Items is a list of downward API volume - file items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field properties: fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal - value between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of the - relative path must not start with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' type: string required: - resource @@ -42433,126 +23926,35 @@ spec: type: array type: object emptyDir: - description: 'emptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: 'medium represents what type of storage - medium should back this directory. The default is - "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More - info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: 'sizeLimit is the total amount of local - storage required for this EmptyDir volume. The size - limit is also applicable for memory medium. The - maximum usage on memory medium EmptyDir would be - the minimum value between the SizeLimit specified - here and the sum of memory limits of all containers - in a pod. The default is nil which means that the - limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: "ephemeral represents a volume that is handled - by a cluster storage driver. The volume's lifecycle - is tied to the pod that defines it - it will be created - before the pod starts, and deleted when the pod is removed. - \n Use this if: a) the volume is only needed while the - pod runs, b) features of normal volumes like restoring - from snapshot or capacity tracking are needed, c) the - storage driver is specified through a storage class, - and d) the storage driver supports dynamic volume provisioning - through a PersistentVolumeClaim (see EphemeralVolumeSource - for more information on the connection between this - volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim - or one of the vendor-specific APIs for volumes that - persist for longer than the lifecycle of an individual - pod. \n Use CSI for light-weight local ephemeral volumes - if the CSI driver is meant to be used that way - see - the documentation of the driver for more information. - \n A pod can use both types of ephemeral volumes and - persistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone - PVC to provision the volume. The pod in which this - EphemeralVolumeSource is embedded will be the owner - of the PVC, i.e. the PVC will be deleted together - with the pod. The name of the PVC will be `-` where `` is the - name from the `PodSpec.Volumes` array entry. Pod - validation will reject the pod if the concatenated - name is not valid for a PVC (for example, too long). - \n An existing PVC with that name that is not owned - by the pod will *not* be used for the pod to avoid - using an unrelated volume by mistake. Starting the - pod is then blocked until the unrelated PVC is removed. - If such a pre-created PVC is meant to be used by - the pod, the PVC has to updated with an owner reference - to the pod once the pod exists. Normally this should - not be necessary, but it may be useful when manually - reconstructing a broken cluster. \n This field is - read-only and no changes will be made by Kubernetes - to the PVC after it has been created. \n Required, - must not be nil." properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be - rejected during validation. type: object spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into - the PVC that gets created from this template. - The same fields as in a PersistentVolumeClaim - are also valid here. properties: accessModes: - description: 'accessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array dataSource: - description: 'dataSource field can be used - to specify either: * An existing VolumeSnapshot - object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. When the AnyVolumeDataSource - feature gate is enabled, dataSource contents - will be copied to dataSourceRef, and dataSourceRef - contents will be copied to dataSource when - dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef - will not be copied to dataSource.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string required: - kind @@ -42560,100 +23962,25 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: 'dataSourceRef specifies the - object from which to populate the volume - with data, if a non-empty volume is desired. - This may be any object from a non-empty - API group (non core object) or a PersistentVolumeClaim - object. When this field is specified, volume - binding will only succeed if the type of - the specified object matches some installed - volume populator or dynamic provisioner. - This field will replace the functionality - of the dataSource field and as such if both - fields are non-empty, they must have the - same value. For backwards compatibility, - when namespace isn''t specified in dataSourceRef, - both fields (dataSource and dataSourceRef) - will be set to the same value automatically - if one of them is empty and the other is - non-empty. When namespace is specified in - dataSourceRef, dataSource isn''t set to - the same value and must be empty. There - are three important differences between - dataSource and dataSourceRef: * While dataSource - only allows two specific types of objects, - dataSourceRef allows any non-core object, - as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values - (dropping them), dataSourceRef preserves - all values, and generates an error if a - disallowed value is specified. * While dataSource - only allows local objects, dataSourceRef - allows objects in any namespaces. (Beta) - Using this field requires the AnyVolumeDataSource - feature gate to be enabled. (Alpha) Using - the namespace field of dataSourceRef requires - the CrossNamespaceVolumeDataSource feature - gate to be enabled.' properties: apiGroup: - description: APIGroup is the group for - the resource being referenced. If APIGroup - is not specified, the specified Kind - must be in the core API group. For any - other third-party types, APIGroup is - required. type: string kind: - description: Kind is the type of resource - being referenced type: string name: - description: Name is the name of resource - being referenced type: string namespace: - description: Namespace is the namespace - of resource being referenced Note that - when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. (Alpha) This - field requires the CrossNamespaceVolumeDataSource - feature gate to be enabled. type: string required: - kind - name type: object resources: - description: 'resources represents the minimum - resources the volume should have. If RecoverVolumeExpansionFailure - feature is enabled users are allowed to - specify resource requirements that are lower - than previous value but must still be higher - than capacity recorded in the status field - of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: claims: - description: "Claims lists the names of - resources, defined in spec.resourceClaims, - that are used by this container. \n - This is an alpha field and requires - enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." items: - description: ResourceClaim references - one entry in PodSpec.ResourceClaims. properties: name: - description: Name must match the - name of one entry in pod.spec.resourceClaims - of the Pod where this field is - used. It makes that resource available - inside a container. type: string required: - name @@ -42669,9 +23996,6 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Limits describes the maximum - amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -42680,47 +24004,18 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: - description: selector is a label query over - volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. properties: key: - description: key is the label key - that the selector applies to. type: string operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. items: type: string type: array @@ -42732,29 +24027,14 @@ spec: matchLabels: additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: 'storageClassName is the name - of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeMode: - description: volumeMode defines what type - of volume is required by the claim. Value - of Filesystem is implied when not included - in claim spec. type: string volumeName: - description: volumeName is the binding reference - to the PersistentVolume backing this claim. type: string type: object required: @@ -42762,80 +24042,38 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. properties: fsType: - description: 'fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. TODO: how - do we prevent errors in the filesystem from compromising - the machine' type: string lun: - description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: 'readOnly is Optional: Defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide - names (WWNs)' items: type: string type: array wwids: - description: 'wwids Optional: FC volume world wide - identifiers (wwids) Either wwids or combination - of targetWWNs and lun must be set, but not both - simultaneously.' items: type: string type: array type: object flexVolume: - description: flexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. properties: driver: - description: driver is the name of the driver to use - for this volume. type: string fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". The - default filesystem depends on FlexVolume script. type: string options: additionalProperties: type: string - description: 'options is Optional: this field holds - extra command options if any.' type: object readOnly: - description: 'readOnly is Optional: defaults to false - (read/write). ReadOnly here will force the ReadOnly - setting in VolumeMounts.' type: boolean secretRef: - description: 'secretRef is Optional: secretRef is - reference to the secret object containing sensitive - information to pass to the plugin scripts. This - may be empty if no secret object is specified. If - the secret object contains more than one secret, - all secrets are passed to the plugin scripts.' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic @@ -42843,194 +24081,88 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running properties: datasetName: - description: datasetName is Name of the dataset stored - as metadata -> name on the dataset for Flocker should - be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. - This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: - description: 'gcePersistentDisk represents a GCE Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: 'fsType is filesystem type of the volume - that you want to mount. Tip: Ensure that the filesystem - type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string partition: - description: 'partition is the partition in the volume - that you want to mount. If omitted, the default - is to mount by volume name. Examples: For volume - /dev/sda1, you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" (or you - can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: 'pdName is unique name of the PD resource - in GCE. Used to identify the disk in GCE. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: 'gitRepo represents a git repository at a - particular revision. DEPRECATED: GitRepo is deprecated. - To provision a container with a git repo, mount an EmptyDir - into an InitContainer that clones the repo using git, - then mount the EmptyDir into the Pod''s container.' properties: directory: - description: directory is the target directory name. - Must not contain or start with '..'. If '.' is - supplied, the volume directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. type: string repository: - description: repository is the URL type: string revision: - description: revision is the commit hash for the specified - revision. type: string required: - repository type: object glusterfs: - description: 'glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: 'endpoints is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: 'path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: 'readOnly here will force the Glusterfs - volume to be mounted with read-only permissions. - Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: 'hostPath represents a pre-existing file - or directory on the host machine that is directly exposed - to the container. This is generally used for system - agents or other privileged things that are allowed to - see the host machine. Most containers will NOT need - this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' properties: path: - description: 'path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: 'type for HostPath Volume Defaults to - "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: 'iscsi represents an ISCSI Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support - iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support - iSCSI Session CHAP authentication type: boolean fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string initiatorName: - description: initiatorName is the custom iSCSI Initiator - Name. If initiatorName is specified with iscsiInterface - simultaneously, new iSCSI interface : will be created for the connection. type: string iqn: - description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: iscsiInterface is the interface Name - that uses an iSCSI transport. Defaults to 'default' - (tcp). type: string lun: - description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: portals is the iSCSI Target Portal List. - The portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). items: type: string type: array readOnly: - description: readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI - target and initiator authentication properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: targetPortal is iSCSI Target Portal. - The Portal is either an IP or ip_addr:port if the - port is other than default (typically TCP ports - 860 and 3260). type: string required: - iqn @@ -43038,153 +24170,65 @@ spec: - targetPortal type: object nfs: - description: 'nfs represents an NFS mount on the host - that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: 'path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: 'readOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: 'server is the hostname or IP address - of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: 'claimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: readOnly Will force the ReadOnly setting - in VolumeMounts. Default false. type: boolean required: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon - Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume - attached and mounted on kubelets host machine properties: fsType: - description: fSType represents the filesystem type - to mount Must be a filesystem type supported by - the host operating system. Ex. "ext4", "xfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx - volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources - secrets, configmaps, and downward API properties: defaultMode: - description: defaultMode are the mode bits used to - set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal values - for mode bits. Directories within the path are not - affected by this setting. This might be in conflict - with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. format: int32 type: integer sources: - description: sources is the list of volume projections items: - description: Projection that may be projected along - with other supported volume types properties: configMap: - description: configMap information about the - configMap data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced ConfigMap will be projected - into the volume as a file whose name is - the key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the ConfigMap, - the volume setup will error unless it - is marked optional. Paths must be relative - and may not contain the '..' path or start - with '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -43192,97 +24236,42 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional specify whether the - ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the - downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume - file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field properties: fieldRef: - description: 'Required: Selects a - field of the pod: only annotations, - labels, name and namespace are supported.' properties: apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". type: string fieldPath: - description: Path of the field - to select in the specified API - version. type: string required: - fieldPath type: object x-kubernetes-map-type: atomic mode: - description: 'Optional: mode bits - used to set permissions on this - file, must be an octal value between - 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute - or contain the ''..'' path. Must - be utf-8 encoded. The first item - of the relative path must not start - with ''..''' type: string resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' properties: containerName: - description: 'Container name: - required for volumes, optional - for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output - format of the exposed resources, - defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource - to select' type: string required: - resource @@ -43294,53 +24283,16 @@ spec: type: array type: object secret: - description: secret information about the secret - data to project properties: items: - description: items if unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. items: - description: Maps a string key to a path - within a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' format: int32 type: integer path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. type: string required: - key @@ -43348,46 +24300,19 @@ spec: type: object type: array name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: - description: optional field specify whether - the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information - about the serviceAccountToken data to project properties: audience: - description: audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience - defaults to the identifier of the apiserver. type: string expirationSeconds: - description: expirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The - kubelet will start trying to rotate the - token if the token is older than 80 percent - of its time to live or if the token is - older than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. format: int64 type: integer path: - description: path is the path relative to - the mount point of the file to project - the token into. type: string required: - path @@ -43396,159 +24321,76 @@ spec: type: array type: object quobyte: - description: quobyte represents a Quobyte mount on the - host that shares a pod's lifetime properties: group: - description: group to map volume access to Default - is no group type: string readOnly: - description: readOnly here will force the Quobyte - volume to be mounted with read-only permissions. - Defaults to false. type: boolean registry: - description: registry represents a single or multiple - Quobyte Registry services specified as a string - as host:port pair (multiple entries are separated - with commas) which acts as the central registry - for volumes type: string tenant: - description: tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned - Quobyte volumes, value is set by the plugin type: string user: - description: user to map volume access to Defaults - to serivceaccount user type: string volume: - description: volume is a string that references an - already created Quobyte volume by name. type: string required: - registry - volume type: object rbd: - description: 'rbd represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: 'fsType is the filesystem type of the - volume that you want to mount. Tip: Ensure that - the filesystem type is supported by the host operating - system. Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem - from compromising the machine' type: string image: - description: 'image is the rados image name. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: 'keyring is the path to key ring for - RBDUser. Default is /etc/ceph/keyring. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: 'monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array pool: - description: 'pool is the rados pool name. Default - is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: 'readOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: 'user is the rados user name. Default - is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Default - is "xfs". type: string gateway: - description: gateway is the host address of the ScaleIO - API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the ScaleIO - Protection Domain for the configured storage. type: string readOnly: - description: readOnly Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef references to the secret for - ScaleIO user and other sensitive information. If - this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL communication - with Gateway, default false type: boolean storageMode: - description: storageMode indicates whether the storage - for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage Pool - associated with the protection domain. type: string system: - description: system is the name of the storage system - as configured in ScaleIO. type: string volumeName: - description: volumeName is the name of a volume already - created in the ScaleIO system that is associated - with this volume source. type: string required: - gateway @@ -43556,58 +24398,19 @@ spec: - system type: object secret: - description: 'secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: 'defaultMode is Optional: mode bits used - to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or - a decimal value between 0 and 511. YAML accepts - both octal and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. Directories - within the path are not affected by this setting. - This might be in conflict with other options that - affect the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. If - a key is specified which is not present in the Secret, - the volume setup will error unless it is marked - optional. Paths must be relative and may not contain - the '..' path or start with '..'. items: - description: Maps a string key to a path within - a volume. properties: key: - description: key is the key to project. type: string mode: - description: 'mode is Optional: mode bits used - to set permissions on this file. Must be an - octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both - octal and decimal values, JSON requires decimal - values for mode bits. If not specified, the - volume defaultMode will be used. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' format: int32 type: integer path: - description: path is the relative path of the - file to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. type: string required: - key @@ -43615,81 +24418,36 @@ spec: type: object type: array optional: - description: optional field specify whether the Secret - or its keys must be defined type: boolean secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: - description: storageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. properties: fsType: - description: fsType is the filesystem type to mount. - Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. type: string readOnly: - description: readOnly defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in - VolumeMounts. type: boolean secretRef: - description: secretRef specifies the secret to use - for obtaining the StorageOS API credentials. If - not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: volumeName is the human-readable name - of the StorageOS volume. Volume names are only - unique within a namespace. type: string volumeNamespace: - description: volumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is - specified then the Pod's namespace will be used. This - allows the Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume - attached and mounted on kubelets host machine properties: fsType: - description: fsType is filesystem type to mount. Must - be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred - to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy - Based Management (SPBM) profile ID associated with - the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy - Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies - vSphere volume vmdk type: string required: - volumePath @@ -43703,7 +24461,6 @@ spec: templateAnnotations: additionalProperties: type: string - description: Custom annotations to be added into the pods type: object templateLabels: additionalProperties: @@ -43714,65 +24471,34 @@ spec: default: 5m0s type: string tolerations: - description: If specified, the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . properties: effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match all - values and all keys. type: string operator: - description: Operator represents a key's relationship to the - value. Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod - can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of time - the toleration (which must be of effect NoExecute, otherwise - this field is ignored) tolerates the taint. By default, it - is not set, which means tolerate the taint forever (do not - evict). Zero and negative values will be treated as 0 (evict - immediately) by the system. format: int64 type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. type: string type: object type: array update: properties: githubTokenRef: - description: The GitHub access token to download Trivy DB (see - GitHub rate limiting) type: string skip: default: false - description: The flag to enable or disable Trivy DB downloads - from GitHub type: boolean type: object vulnerabilityTypes: default: - os - library - description: Comma-separated list of vulnerability types. items: - description: TrivyServerVulnerabilityType represents a CVE vulnerability - type for trivy. enum: - os - library @@ -43783,28 +24509,17 @@ spec: - storage type: object status: - description: ComponentStatus represents the current status of the resource. - https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties properties: conditions: - description: Conditions list of extracted conditions from Resource items: - description: Condition defines the general format for conditions - on Kubernetes resources. In practice, each kubernetes resource - defines their own format for conditions, but most (maybe all) - follows this structure. properties: message: - description: Message Human readable reason string type: string reason: - description: Reason one work CamelCase reason type: string status: - description: Status String that describes the condition status type: string type: - description: Type condition type type: string required: - status @@ -43815,8 +24530,6 @@ spec: format: int64 type: integer operator: - description: ControllerStatus represents the current status of the - operator. properties: controllerGitCommit: minLength: 1 @@ -43829,7 +24542,6 @@ spec: type: string type: object replicas: - description: Current number of pods. format: int32 minimum: 0 type: integer @@ -43886,7 +24598,6 @@ metadata: goharbor.io/deploy-engine: Kustomization goharbor.io/deploy-mode: harbor goharbor.io/operator-version: v1.3.0 - creationTimestamp: null name: harbor-operator-role rules: - apiGroups: diff --git a/pkg/cluster/controllers/cache/deploy.go b/pkg/cluster/controllers/cache/deploy.go index 975fde58e..ba66e46e4 100644 --- a/pkg/cluster/controllers/cache/deploy.go +++ b/pkg/cluster/controllers/cache/deploy.go @@ -3,9 +3,9 @@ package cache import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/k8s" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/k8s" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/pkg/cluster/controllers/cache/image.go b/pkg/cluster/controllers/cache/image.go index 134752d59..690e16456 100644 --- a/pkg/cluster/controllers/cache/image.go +++ b/pkg/cluster/controllers/cache/image.go @@ -17,8 +17,8 @@ package cache import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/image" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/image" ) const ( diff --git a/pkg/cluster/controllers/cache/readiness.go b/pkg/cluster/controllers/cache/readiness.go index bc2967a8c..a6fda9d6d 100644 --- a/pkg/cluster/controllers/cache/readiness.go +++ b/pkg/cluster/controllers/cache/readiness.go @@ -6,9 +6,9 @@ import ( "fmt" "math/big" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" labels1 "k8s.io/apimachinery/pkg/labels" diff --git a/pkg/cluster/controllers/cache/redis.go b/pkg/cluster/controllers/cache/redis.go index e0c8ab1ec..f44d98d12 100644 --- a/pkg/cluster/controllers/cache/redis.go +++ b/pkg/cluster/controllers/cache/redis.go @@ -4,9 +4,9 @@ import ( "context" "github.com/go-logr/logr" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/k8s" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/k8s" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" "github.com/ovh/configstore" "github.com/pkg/errors" redisOp "github.com/spotahome/redis-operator/api/redisfailover/v1" diff --git a/pkg/cluster/controllers/cache/resource_manager.go b/pkg/cluster/controllers/cache/resource_manager.go index 0ceb2c7f6..c59bef99c 100644 --- a/pkg/cluster/controllers/cache/resource_manager.go +++ b/pkg/cluster/controllers/cache/resource_manager.go @@ -5,10 +5,10 @@ import ( "fmt" "github.com/go-logr/logr" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/common" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/common" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/resources/checksum" "github.com/ovh/configstore" redisOp "github.com/spotahome/redis-operator/api/redisfailover/v1" corev1 "k8s.io/api/core/v1" diff --git a/pkg/cluster/controllers/cache/update.go b/pkg/cluster/controllers/cache/update.go index c592deead..89bbe1d6c 100644 --- a/pkg/cluster/controllers/cache/update.go +++ b/pkg/cluster/controllers/cache/update.go @@ -3,11 +3,11 @@ package cache import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/common" - "github.com/goharbor/harbor-operator/pkg/cluster/k8s" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/common" + "github.com/plotly/harbor-operator/pkg/cluster/k8s" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" + "github.com/plotly/harbor-operator/pkg/resources/checksum" redisOp "github.com/spotahome/redis-operator/api/redisfailover/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" diff --git a/pkg/cluster/controllers/common/equals.go b/pkg/cluster/controllers/common/equals.go index 6c543371e..8f235adac 100644 --- a/pkg/cluster/controllers/common/equals.go +++ b/pkg/cluster/controllers/common/equals.go @@ -3,8 +3,8 @@ package common import ( "context" - "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/resources/checksum" "k8s.io/apimachinery/pkg/runtime" ) diff --git a/pkg/cluster/controllers/database/generate.go b/pkg/cluster/controllers/database/generate.go index 3b67073bd..787a9d4f9 100644 --- a/pkg/cluster/controllers/database/generate.go +++ b/pkg/cluster/controllers/database/generate.go @@ -4,10 +4,10 @@ import ( "context" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/database/api" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/database/api" + "github.com/plotly/harbor-operator/pkg/resources/checksum" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/pkg/cluster/controllers/database/image.go b/pkg/cluster/controllers/database/image.go index b1965ba83..1e401a96b 100644 --- a/pkg/cluster/controllers/database/image.go +++ b/pkg/cluster/controllers/database/image.go @@ -17,8 +17,8 @@ package database import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/image" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/image" ) const ( diff --git a/pkg/cluster/controllers/database/postgresql.go b/pkg/cluster/controllers/database/postgresql.go index cecde1c92..e4ad79e08 100644 --- a/pkg/cluster/controllers/database/postgresql.go +++ b/pkg/cluster/controllers/database/postgresql.go @@ -4,9 +4,9 @@ import ( "context" "github.com/go-logr/logr" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/k8s" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/k8s" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" "github.com/ovh/configstore" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/pkg/cluster/controllers/database/provision.go b/pkg/cluster/controllers/database/provision.go index 37e9d1ef2..303dfc626 100644 --- a/pkg/cluster/controllers/database/provision.go +++ b/pkg/cluster/controllers/database/provision.go @@ -3,9 +3,9 @@ package database import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/k8s" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/k8s" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" diff --git a/pkg/cluster/controllers/database/readiness.go b/pkg/cluster/controllers/database/readiness.go index 1350e43c9..cace69366 100644 --- a/pkg/cluster/controllers/database/readiness.go +++ b/pkg/cluster/controllers/database/readiness.go @@ -6,10 +6,10 @@ import ( "os" "strings" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/database/api" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/database/api" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" "github.com/pkg/errors" acidzalando "github.com/zalando/postgres-operator/pkg/apis/acid.zalan.do" acidzalandov1 "github.com/zalando/postgres-operator/pkg/apis/acid.zalan.do/v1" diff --git a/pkg/cluster/controllers/database/status.go b/pkg/cluster/controllers/database/status.go index 57181b49d..6212d32f5 100644 --- a/pkg/cluster/controllers/database/status.go +++ b/pkg/cluster/controllers/database/status.go @@ -1,8 +1,8 @@ package database import ( - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" corev1 "k8s.io/api/core/v1" ) diff --git a/pkg/cluster/controllers/database/update.go b/pkg/cluster/controllers/database/update.go index dbe706998..bf2fea567 100644 --- a/pkg/cluster/controllers/database/update.go +++ b/pkg/cluster/controllers/database/update.go @@ -4,11 +4,11 @@ import ( "context" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/common" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/database/api" - "github.com/goharbor/harbor-operator/pkg/cluster/k8s" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/common" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/database/api" + "github.com/plotly/harbor-operator/pkg/cluster/k8s" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" diff --git a/pkg/cluster/controllers/database/utils.go b/pkg/cluster/controllers/database/utils.go index 4348bea80..dd9a14d73 100644 --- a/pkg/cluster/controllers/database/utils.go +++ b/pkg/cluster/controllers/database/utils.go @@ -5,9 +5,9 @@ import ( "fmt" "strconv" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/database/api" - "github.com/goharbor/harbor-operator/pkg/config" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/database/api" + "github.com/plotly/harbor-operator/pkg/config" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" diff --git a/pkg/cluster/controllers/harbor/cr_status.go b/pkg/cluster/controllers/harbor/cr_status.go index 3873e6832..bb7becffc 100644 --- a/pkg/cluster/controllers/harbor/cr_status.go +++ b/pkg/cluster/controllers/harbor/cr_status.go @@ -15,8 +15,8 @@ package harbor import ( - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" corev1 "k8s.io/api/core/v1" ) diff --git a/pkg/cluster/controllers/harbor/harbor.go b/pkg/cluster/controllers/harbor/harbor.go index 11fe94c49..d73f77168 100644 --- a/pkg/cluster/controllers/harbor/harbor.go +++ b/pkg/cluster/controllers/harbor/harbor.go @@ -5,12 +5,12 @@ import ( "fmt" "github.com/go-logr/logr" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/common" - "github.com/goharbor/harbor-operator/pkg/cluster/k8s" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/common" + "github.com/plotly/harbor-operator/pkg/cluster/k8s" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" + "github.com/plotly/harbor-operator/pkg/resources/checksum" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/pkg/cluster/controllers/storage/image.go b/pkg/cluster/controllers/storage/image.go index 7a067cb68..ffef6e448 100644 --- a/pkg/cluster/controllers/storage/image.go +++ b/pkg/cluster/controllers/storage/image.go @@ -17,9 +17,9 @@ package storage import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/image" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/image" corev1 "k8s.io/api/core/v1" ) diff --git a/pkg/cluster/controllers/storage/ingress.go b/pkg/cluster/controllers/storage/ingress.go index 6499b0bef..90b1402da 100644 --- a/pkg/cluster/controllers/storage/ingress.go +++ b/pkg/cluster/controllers/storage/ingress.go @@ -3,12 +3,12 @@ package storage import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/common" - miniov2 "github.com/goharbor/harbor-operator/pkg/cluster/controllers/storage/minio/apis/minio.min.io/v2" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/common" + miniov2 "github.com/plotly/harbor-operator/pkg/cluster/controllers/storage/minio/apis/minio.min.io/v2" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" + "github.com/plotly/harbor-operator/pkg/resources/checksum" "github.com/pkg/errors" netv1 "k8s.io/api/networking/v1" k8serror "k8s.io/apimachinery/pkg/api/errors" diff --git a/pkg/cluster/controllers/storage/job.go b/pkg/cluster/controllers/storage/job.go index 9f0de8b40..66e51e8ae 100644 --- a/pkg/cluster/controllers/storage/job.go +++ b/pkg/cluster/controllers/storage/job.go @@ -4,10 +4,10 @@ import ( "context" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/common" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/common" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" + "github.com/plotly/harbor-operator/pkg/resources/checksum" batchv1 "k8s.io/api/batch/v1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" diff --git a/pkg/cluster/controllers/storage/minio.go b/pkg/cluster/controllers/storage/minio.go index 6ddf668cc..2d67c8f52 100644 --- a/pkg/cluster/controllers/storage/minio.go +++ b/pkg/cluster/controllers/storage/minio.go @@ -5,10 +5,10 @@ import ( "fmt" "github.com/go-logr/logr" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - miniov2 "github.com/goharbor/harbor-operator/pkg/cluster/controllers/storage/minio/apis/minio.min.io/v2" - "github.com/goharbor/harbor-operator/pkg/cluster/k8s" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + miniov2 "github.com/plotly/harbor-operator/pkg/cluster/controllers/storage/minio/apis/minio.min.io/v2" + "github.com/plotly/harbor-operator/pkg/cluster/k8s" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" "github.com/ovh/configstore" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" diff --git a/pkg/cluster/controllers/storage/tenant.go b/pkg/cluster/controllers/storage/tenant.go index a19660421..cfa778c1b 100644 --- a/pkg/cluster/controllers/storage/tenant.go +++ b/pkg/cluster/controllers/storage/tenant.go @@ -6,12 +6,12 @@ import ( "reflect" "strings" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/cluster/controllers/common" - miniov2 "github.com/goharbor/harbor-operator/pkg/cluster/controllers/storage/minio/apis/minio.min.io/v2" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/cluster/controllers/common" + miniov2 "github.com/plotly/harbor-operator/pkg/cluster/controllers/storage/minio/apis/minio.min.io/v2" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" + "github.com/plotly/harbor-operator/pkg/resources/checksum" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" k8serror "k8s.io/apimachinery/pkg/api/errors" diff --git a/pkg/cluster/lcm/cr_staus_collection.go b/pkg/cluster/lcm/cr_staus_collection.go index 8ab6f2b97..398cce45d 100644 --- a/pkg/cluster/lcm/cr_staus_collection.go +++ b/pkg/cluster/lcm/cr_staus_collection.go @@ -17,7 +17,7 @@ package lcm import ( "sync" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" ) // CRStatusCollection is designed for collecting CRStatus of each dependant components. diff --git a/pkg/cluster/lcm/lcm.go b/pkg/cluster/lcm/lcm.go index c291d03a5..22b458f20 100644 --- a/pkg/cluster/lcm/lcm.go +++ b/pkg/cluster/lcm/lcm.go @@ -3,7 +3,7 @@ package lcm import ( "context" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/pkg/cluster/lcm/property_test.go b/pkg/cluster/lcm/property_test.go index 0364eeea5..34604e613 100644 --- a/pkg/cluster/lcm/property_test.go +++ b/pkg/cluster/lcm/property_test.go @@ -3,7 +3,7 @@ package lcm_test import ( "testing" - "github.com/goharbor/harbor-operator/pkg/cluster/lcm" + "github.com/plotly/harbor-operator/pkg/cluster/lcm" ) func TestProperties_Add(t *testing.T) { diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go index d6fbd8039..d68981ed6 100644 --- a/pkg/config/config_test.go +++ b/pkg/config/config_test.go @@ -1,7 +1,7 @@ package config_test import ( - . "github.com/goharbor/harbor-operator/pkg/config" + . "github.com/plotly/harbor-operator/pkg/config" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" "github.com/ovh/configstore" diff --git a/pkg/config/errors_test.go b/pkg/config/errors_test.go index c6c26fa88..e49239c7e 100644 --- a/pkg/config/errors_test.go +++ b/pkg/config/errors_test.go @@ -3,7 +3,7 @@ package config_test import ( "github.com/pkg/errors" - . "github.com/goharbor/harbor-operator/pkg/config" + . "github.com/plotly/harbor-operator/pkg/config" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" "github.com/ovh/configstore" diff --git a/pkg/config/template/template.go b/pkg/config/template/template.go index bff1f0c5c..930a99a3e 100644 --- a/pkg/config/template/template.go +++ b/pkg/config/template/template.go @@ -5,7 +5,7 @@ import ( "os" "path" - "github.com/goharbor/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config" "github.com/ovh/configstore" "github.com/pkg/errors" "sigs.k8s.io/controller-runtime/pkg/healthz" diff --git a/pkg/controller/apply.go b/pkg/controller/apply.go index 1ffcd3f07..55f0dab0a 100644 --- a/pkg/controller/apply.go +++ b/pkg/controller/apply.go @@ -3,9 +3,9 @@ package controller import ( "context" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/factories/application" - "github.com/goharbor/harbor-operator/pkg/factories/logger" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/factories/application" + "github.com/plotly/harbor-operator/pkg/factories/logger" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" apierrs "k8s.io/apimachinery/pkg/api/errors" diff --git a/pkg/controller/common.go b/pkg/controller/common.go index 652fa4cd4..913b602ce 100644 --- a/pkg/controller/common.go +++ b/pkg/controller/common.go @@ -4,16 +4,16 @@ import ( "context" "github.com/go-logr/logr" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - sgraph "github.com/goharbor/harbor-operator/pkg/controller/internal/graph" - "github.com/goharbor/harbor-operator/pkg/factories/application" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/pkg/factories/owner" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/resources" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + sgraph "github.com/plotly/harbor-operator/pkg/controller/internal/graph" + "github.com/plotly/harbor-operator/pkg/factories/application" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/factories/owner" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/opentracing/opentracing-go" "github.com/ovh/configstore" "github.com/pkg/errors" diff --git a/pkg/controller/config.go b/pkg/controller/config.go index 86665acc2..1fd9d88e9 100644 --- a/pkg/controller/config.go +++ b/pkg/controller/config.go @@ -3,7 +3,7 @@ package controller import ( "context" - "github.com/goharbor/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config" ) func (c *Controller) StringConfig(ctx context.Context, key string, defaultValue string) (string, error) { diff --git a/pkg/controller/context.go b/pkg/controller/context.go index 95ea2e649..271a6d282 100644 --- a/pkg/controller/context.go +++ b/pkg/controller/context.go @@ -3,10 +3,10 @@ package controller import ( "context" - sgraph "github.com/goharbor/harbor-operator/pkg/controller/internal/graph" - "github.com/goharbor/harbor-operator/pkg/factories/application" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/pkg/graph" + sgraph "github.com/plotly/harbor-operator/pkg/controller/internal/graph" + "github.com/plotly/harbor-operator/pkg/factories/application" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/graph" ctrl "sigs.k8s.io/controller-runtime" ) diff --git a/pkg/controller/errors.go b/pkg/controller/errors.go index c140bcb79..c25200eb6 100644 --- a/pkg/controller/errors.go +++ b/pkg/controller/errors.go @@ -5,7 +5,7 @@ import ( "strings" "time" - "github.com/goharbor/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/factories/logger" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" diff --git a/pkg/controller/garbagecollector.go b/pkg/controller/garbagecollector.go index e5b75ea5c..9c56c1cf5 100644 --- a/pkg/controller/garbagecollector.go +++ b/pkg/controller/garbagecollector.go @@ -3,8 +3,8 @@ package controller import ( "context" - sgraph "github.com/goharbor/harbor-operator/pkg/controller/internal/graph" - "github.com/goharbor/harbor-operator/pkg/graph" + sgraph "github.com/plotly/harbor-operator/pkg/controller/internal/graph" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" apierrors "k8s.io/apimachinery/pkg/api/errors" diff --git a/pkg/controller/helpers.go b/pkg/controller/helpers.go index 8c9be7741..2a01e46ea 100644 --- a/pkg/controller/helpers.go +++ b/pkg/controller/helpers.go @@ -3,8 +3,8 @@ package controller import ( "context" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/utils/strings" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/utils/strings" ) func (c *Controller) NormalizeName(ctx context.Context, name string, suffixes ...string) string { diff --git a/pkg/controller/internal/graph/graph.go b/pkg/controller/internal/graph/graph.go index 6d7c2ee53..f6d8a34b9 100644 --- a/pkg/controller/internal/graph/graph.go +++ b/pkg/controller/internal/graph/graph.go @@ -3,7 +3,7 @@ package graph import ( "context" - "github.com/goharbor/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/graph" ) var graphKey = "graph" diff --git a/pkg/controller/mutation.go b/pkg/controller/mutation.go index 0ad9a38ba..89ee92343 100644 --- a/pkg/controller/mutation.go +++ b/pkg/controller/mutation.go @@ -5,12 +5,12 @@ import ( "fmt" "strings" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/controller/mutation" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/pkg/factories/owner" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/resources" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/controller/mutation" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/factories/owner" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/pkg/errors" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/types" diff --git a/pkg/controller/mutation/annotations.go b/pkg/controller/mutation/annotations.go index 8a2555d80..231b3bafb 100644 --- a/pkg/controller/mutation/annotations.go +++ b/pkg/controller/mutation/annotations.go @@ -1,7 +1,7 @@ package mutation import ( - "github.com/goharbor/harbor-operator/pkg/resources" + "github.com/plotly/harbor-operator/pkg/resources" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/pkg/controller/mutation/annotations_test.go b/pkg/controller/mutation/annotations_test.go index 076a73ed6..9b32ed78d 100644 --- a/pkg/controller/mutation/annotations_test.go +++ b/pkg/controller/mutation/annotations_test.go @@ -3,11 +3,11 @@ package mutation_test import ( "context" - . "github.com/goharbor/harbor-operator/pkg/controller/mutation" + . "github.com/plotly/harbor-operator/pkg/controller/mutation" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/pkg/resources" + "github.com/plotly/harbor-operator/pkg/resources" corev1 "k8s.io/api/core/v1" ) diff --git a/pkg/controller/mutation/labels.go b/pkg/controller/mutation/labels.go index fe232fe14..6e75a975a 100644 --- a/pkg/controller/mutation/labels.go +++ b/pkg/controller/mutation/labels.go @@ -1,7 +1,7 @@ package mutation import ( - "github.com/goharbor/harbor-operator/pkg/resources" + "github.com/plotly/harbor-operator/pkg/resources" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/pkg/controller/mutation/labels_test.go b/pkg/controller/mutation/labels_test.go index 9816eca47..2c95abf07 100644 --- a/pkg/controller/mutation/labels_test.go +++ b/pkg/controller/mutation/labels_test.go @@ -3,11 +3,11 @@ package mutation_test import ( "context" - . "github.com/goharbor/harbor-operator/pkg/controller/mutation" + . "github.com/plotly/harbor-operator/pkg/controller/mutation" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/pkg/resources" + "github.com/plotly/harbor-operator/pkg/resources" corev1 "k8s.io/api/core/v1" ) diff --git a/pkg/controller/mutation/meta.go b/pkg/controller/mutation/meta.go index 754d56e04..f0c8260b4 100644 --- a/pkg/controller/mutation/meta.go +++ b/pkg/controller/mutation/meta.go @@ -3,7 +3,7 @@ package mutation import ( "context" - "github.com/goharbor/harbor-operator/pkg/resources" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/pkg/controller/mutation/noop.go b/pkg/controller/mutation/noop.go index 32a809576..9bf7bb50c 100644 --- a/pkg/controller/mutation/noop.go +++ b/pkg/controller/mutation/noop.go @@ -3,7 +3,7 @@ package mutation import ( "context" - "github.com/goharbor/harbor-operator/pkg/resources" + "github.com/plotly/harbor-operator/pkg/resources" "k8s.io/apimachinery/pkg/runtime" ) diff --git a/pkg/controller/mutation/owner.go b/pkg/controller/mutation/owner.go index 8ee6c5bf0..3fb35cc05 100644 --- a/pkg/controller/mutation/owner.go +++ b/pkg/controller/mutation/owner.go @@ -3,7 +3,7 @@ package mutation import ( "context" - "github.com/goharbor/harbor-operator/pkg/resources" + "github.com/plotly/harbor-operator/pkg/resources" "github.com/pkg/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" diff --git a/pkg/controller/mutation/owner_test.go b/pkg/controller/mutation/owner_test.go index bf5946b50..3012d66ef 100644 --- a/pkg/controller/mutation/owner_test.go +++ b/pkg/controller/mutation/owner_test.go @@ -3,12 +3,12 @@ package mutation_test import ( "context" - . "github.com/goharbor/harbor-operator/pkg/controller/mutation" + . "github.com/plotly/harbor-operator/pkg/controller/mutation" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/pkg/resources" - "github.com/goharbor/harbor-operator/pkg/scheme" + "github.com/plotly/harbor-operator/pkg/resources" + "github.com/plotly/harbor-operator/pkg/scheme" "github.com/onsi/gomega/gstruct" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/pkg/controller/opentracing.go b/pkg/controller/opentracing.go index 5e5dc204f..81d71666c 100644 --- a/pkg/controller/opentracing.go +++ b/pkg/controller/opentracing.go @@ -3,7 +3,7 @@ package controller import ( "context" - "github.com/goharbor/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/factories/logger" "github.com/opentracing/opentracing-go" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/pkg/controller/ready.go b/pkg/controller/ready.go index 425a2096a..7eda3153e 100644 --- a/pkg/controller/ready.go +++ b/pkg/controller/ready.go @@ -4,11 +4,11 @@ import ( "context" "fmt" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/resources" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/resources" + "github.com/plotly/harbor-operator/pkg/resources/checksum" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/pkg/controller/resource.go b/pkg/controller/resource.go index 0644335b1..db3d3a85b 100644 --- a/pkg/controller/resource.go +++ b/pkg/controller/resource.go @@ -3,13 +3,13 @@ package controller import ( "context" - sgraph "github.com/goharbor/harbor-operator/pkg/controller/internal/graph" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/pkg/factories/owner" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/resources" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" - "github.com/goharbor/harbor-operator/pkg/resources/statuscheck" + sgraph "github.com/plotly/harbor-operator/pkg/controller/internal/graph" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/factories/owner" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/resources" + "github.com/plotly/harbor-operator/pkg/resources/checksum" + "github.com/plotly/harbor-operator/pkg/resources/statuscheck" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" diff --git a/pkg/controller/resource_test.go b/pkg/controller/resource_test.go index 34f1e60c6..8ece532db 100644 --- a/pkg/controller/resource_test.go +++ b/pkg/controller/resource_test.go @@ -3,16 +3,16 @@ package controller_test import ( "context" - "github.com/goharbor/harbor-operator/controllers" - . "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/scheme" + "github.com/plotly/harbor-operator/controllers" + . "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/scheme" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/pkg/factories/application" - "github.com/goharbor/harbor-operator/pkg/factories/owner" - "github.com/goharbor/harbor-operator/pkg/graph" - "github.com/goharbor/harbor-operator/pkg/resources" + "github.com/plotly/harbor-operator/pkg/factories/application" + "github.com/plotly/harbor-operator/pkg/factories/owner" + "github.com/plotly/harbor-operator/pkg/graph" + "github.com/plotly/harbor-operator/pkg/resources" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/pkg/controller/secret-format.go b/pkg/controller/secret-format.go index c11e55b31..8df609d72 100644 --- a/pkg/controller/secret-format.go +++ b/pkg/controller/secret-format.go @@ -3,8 +3,8 @@ package controller import ( "context" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/graph" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/graph" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" diff --git a/pkg/controller/status.go b/pkg/controller/status.go index 3b5f4eab4..d2b9f6403 100644 --- a/pkg/controller/status.go +++ b/pkg/controller/status.go @@ -3,10 +3,10 @@ package controller import ( "context" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/pkg/resources" - sstatus "github.com/goharbor/harbor-operator/pkg/status" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/resources" + sstatus "github.com/plotly/harbor-operator/pkg/status" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" diff --git a/pkg/controller/template.go b/pkg/controller/template.go index e324d171f..a4506cc0c 100644 --- a/pkg/controller/template.go +++ b/pkg/controller/template.go @@ -7,9 +7,9 @@ import ( "text/template" "github.com/Masterminds/sprig" - serrors "github.com/goharbor/harbor-operator/pkg/controller/errors" - resources "github.com/goharbor/harbor-operator/pkg/resources" - template2 "github.com/goharbor/harbor-operator/pkg/template" + serrors "github.com/plotly/harbor-operator/pkg/controller/errors" + resources "github.com/plotly/harbor-operator/pkg/resources" + template2 "github.com/plotly/harbor-operator/pkg/template" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" ) diff --git a/pkg/event-filter/class/class.go b/pkg/event-filter/class/class.go index 64865d030..351ed7cab 100644 --- a/pkg/event-filter/class/class.go +++ b/pkg/event-filter/class/class.go @@ -1,7 +1,7 @@ package class import ( - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/event" ) diff --git a/pkg/event-filter/class/class_test.go b/pkg/event-filter/class/class_test.go index 64272daa4..f17d5f3ce 100644 --- a/pkg/event-filter/class/class_test.go +++ b/pkg/event-filter/class/class_test.go @@ -4,11 +4,11 @@ import ( "context" "fmt" - . "github.com/goharbor/harbor-operator/pkg/event-filter/class" + . "github.com/plotly/harbor-operator/pkg/event-filter/class" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "sigs.k8s.io/controller-runtime/pkg/event" diff --git a/pkg/event-filter/class/suite_test.go b/pkg/event-filter/class/suite_test.go index 62d93f749..b91bd11e8 100644 --- a/pkg/event-filter/class/suite_test.go +++ b/pkg/event-filter/class/suite_test.go @@ -4,11 +4,11 @@ import ( "context" "testing" - . "github.com/goharbor/harbor-operator/pkg/event-filter/class" + . "github.com/plotly/harbor-operator/pkg/event-filter/class" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/factories/logger" "sigs.k8s.io/controller-runtime/pkg/log/zap" ) diff --git a/pkg/graph/graph_test.go b/pkg/graph/graph_test.go index 24e12f7f4..6086456fa 100644 --- a/pkg/graph/graph_test.go +++ b/pkg/graph/graph_test.go @@ -3,7 +3,7 @@ package graph_test import ( "context" - . "github.com/goharbor/harbor-operator/pkg/graph" + . "github.com/plotly/harbor-operator/pkg/graph" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" diff --git a/pkg/graph/runner.go b/pkg/graph/runner.go index edbede7a3..372ce4517 100644 --- a/pkg/graph/runner.go +++ b/pkg/graph/runner.go @@ -4,7 +4,7 @@ import ( "context" "sync" - "github.com/goharbor/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/factories/logger" "github.com/opentracing/opentracing-go" "golang.org/x/sync/errgroup" ) diff --git a/pkg/graph/runner_test.go b/pkg/graph/runner_test.go index 418a15d76..85d6de5ee 100644 --- a/pkg/graph/runner_test.go +++ b/pkg/graph/runner_test.go @@ -4,7 +4,7 @@ import ( "context" "sync/atomic" - . "github.com/goharbor/harbor-operator/pkg/graph" + . "github.com/plotly/harbor-operator/pkg/graph" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" diff --git a/pkg/graph/suite_test.go b/pkg/graph/suite_test.go index f493c2e3e..f20c4996d 100644 --- a/pkg/graph/suite_test.go +++ b/pkg/graph/suite_test.go @@ -4,7 +4,7 @@ import ( "context" "testing" - . "github.com/goharbor/harbor-operator/pkg/graph" + . "github.com/plotly/harbor-operator/pkg/graph" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" ) diff --git a/pkg/graph/types_test.go b/pkg/graph/types_test.go index bbb8f5ee4..3169bc97a 100644 --- a/pkg/graph/types_test.go +++ b/pkg/graph/types_test.go @@ -1,7 +1,7 @@ package graph_test import ( - . "github.com/goharbor/harbor-operator/pkg/graph" + . "github.com/plotly/harbor-operator/pkg/graph" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" diff --git a/pkg/image/image_test.go b/pkg/image/image_test.go index 8cfd1458b..0c0f15743 100644 --- a/pkg/image/image_test.go +++ b/pkg/image/image_test.go @@ -5,8 +5,8 @@ import ( "fmt" "os" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - . "github.com/goharbor/harbor-operator/pkg/image" + "github.com/plotly/harbor-operator/pkg/factories/logger" + . "github.com/plotly/harbor-operator/pkg/image" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" "sigs.k8s.io/controller-runtime/pkg/log/zap" diff --git a/pkg/manager/manager.go b/pkg/manager/manager.go index 045c823a4..8e98f91c5 100644 --- a/pkg/manager/manager.go +++ b/pkg/manager/manager.go @@ -5,8 +5,8 @@ import ( "fmt" "net/http" - "github.com/goharbor/harbor-operator/pkg/config" - "github.com/goharbor/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/factories/logger" nettracing "github.com/opentracing-contrib/go-stdlib/nethttp" "github.com/ovh/configstore" "github.com/pkg/errors" diff --git a/pkg/resources/checksum/checksum.go b/pkg/resources/checksum/checksum.go index c3f4e3809..a22b681a4 100644 --- a/pkg/resources/checksum/checksum.go +++ b/pkg/resources/checksum/checksum.go @@ -6,8 +6,8 @@ import ( "strings" "sync" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/pkg/version" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/version" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" ) diff --git a/pkg/resources/checksum/checksum_test.go b/pkg/resources/checksum/checksum_test.go index 7847273bc..46cdf87d4 100644 --- a/pkg/resources/checksum/checksum_test.go +++ b/pkg/resources/checksum/checksum_test.go @@ -3,10 +3,10 @@ package checksum_test import ( "context" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/pkg/resources/checksum" - "github.com/goharbor/harbor-operator/pkg/scheme" - "github.com/goharbor/harbor-operator/pkg/version" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/resources/checksum" + "github.com/plotly/harbor-operator/pkg/scheme" + "github.com/plotly/harbor-operator/pkg/version" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" appsv1 "k8s.io/api/apps/v1" diff --git a/pkg/resources/statuscheck/basic_test.go b/pkg/resources/statuscheck/basic_test.go index f03c8ec68..cc7e7c6d4 100644 --- a/pkg/resources/statuscheck/basic_test.go +++ b/pkg/resources/statuscheck/basic_test.go @@ -4,14 +4,14 @@ import ( "context" "fmt" - . "github.com/goharbor/harbor-operator/pkg/resources/statuscheck" + . "github.com/plotly/harbor-operator/pkg/resources/statuscheck" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" "sigs.k8s.io/kustomize/kstatus/status" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/scheme" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/scheme" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" ) diff --git a/pkg/resources/statuscheck/certificate_test.go b/pkg/resources/statuscheck/certificate_test.go index 6f85ec1e7..962cf97cb 100644 --- a/pkg/resources/statuscheck/certificate_test.go +++ b/pkg/resources/statuscheck/certificate_test.go @@ -4,11 +4,11 @@ import ( "context" "time" - . "github.com/goharbor/harbor-operator/pkg/resources/statuscheck" + . "github.com/plotly/harbor-operator/pkg/resources/statuscheck" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/pkg/scheme" + "github.com/plotly/harbor-operator/pkg/scheme" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/pkg/resources/statuscheck/unstructured.go b/pkg/resources/statuscheck/unstructured.go index 7d229aefe..399147535 100644 --- a/pkg/resources/statuscheck/unstructured.go +++ b/pkg/resources/statuscheck/unstructured.go @@ -3,7 +3,7 @@ package statuscheck import ( "context" - "github.com/goharbor/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/factories/logger" "github.com/pkg/errors" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/pkg/resources/statuscheck/unstructured_test.go b/pkg/resources/statuscheck/unstructured_test.go index 83d879ca2..0c80d5f94 100644 --- a/pkg/resources/statuscheck/unstructured_test.go +++ b/pkg/resources/statuscheck/unstructured_test.go @@ -4,13 +4,13 @@ import ( "context" "fmt" - . "github.com/goharbor/harbor-operator/pkg/resources/statuscheck" + . "github.com/plotly/harbor-operator/pkg/resources/statuscheck" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1" - "github.com/goharbor/harbor-operator/pkg/scheme" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + harbormetav1 "github.com/plotly/harbor-operator/apis/meta/v1alpha1" + "github.com/plotly/harbor-operator/pkg/scheme" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" diff --git a/pkg/rest/client.go b/pkg/rest/client.go index de927b1d8..89d047cd4 100644 --- a/pkg/rest/client.go +++ b/pkg/rest/client.go @@ -4,9 +4,9 @@ import ( "context" "fmt" - goharborv1beta1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/rest/model" - v2 "github.com/goharbor/harbor-operator/pkg/rest/v2" + goharborv1beta1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/rest/model" + v2 "github.com/plotly/harbor-operator/pkg/rest/v2" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/pkg/rest/v2/client.go b/pkg/rest/v2/client.go index 5d87d8a53..045ad37bc 100644 --- a/pkg/rest/v2/client.go +++ b/pkg/rest/v2/client.go @@ -9,8 +9,8 @@ import ( "github.com/goharbor/go-client/pkg/sdk/v2.0/client/health" "github.com/goharbor/go-client/pkg/sdk/v2.0/client/robotv1" "github.com/goharbor/go-client/pkg/sdk/v2.0/models" - "github.com/goharbor/harbor-operator/pkg/rest/model" - utilstring "github.com/goharbor/harbor-operator/pkg/utils/strings" + "github.com/plotly/harbor-operator/pkg/rest/model" + utilstring "github.com/plotly/harbor-operator/pkg/utils/strings" "github.com/pkg/errors" ctrl "sigs.k8s.io/controller-runtime" ) diff --git a/pkg/rule/rule_test.go b/pkg/rule/rule_test.go index beea1d91a..f8e630e50 100644 --- a/pkg/rule/rule_test.go +++ b/pkg/rule/rule_test.go @@ -3,7 +3,7 @@ package rule_test import ( "testing" - "github.com/goharbor/harbor-operator/pkg/rule" + "github.com/plotly/harbor-operator/pkg/rule" "github.com/stretchr/testify/require" ) diff --git a/pkg/scheme/scheme.go b/pkg/scheme/scheme.go index 630a81547..b989ea064 100644 --- a/pkg/scheme/scheme.go +++ b/pkg/scheme/scheme.go @@ -3,9 +3,9 @@ package scheme import ( "context" - goharborv1alpha3 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1alpha3" - goharborv1beta1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - minio "github.com/goharbor/harbor-operator/pkg/cluster/controllers/storage/minio/apis/minio.min.io/v2" + goharborv1alpha3 "github.com/plotly/harbor-operator/apis/goharbor.io/v1alpha3" + goharborv1beta1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + minio "github.com/plotly/harbor-operator/pkg/cluster/controllers/storage/minio/apis/minio.min.io/v2" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" "github.com/pkg/errors" redisfailoverv1 "github.com/spotahome/redis-operator/api/redisfailover/v1" diff --git a/pkg/scheme/scheme_test.go b/pkg/scheme/scheme_test.go index d5da6d70a..1aa7f7498 100644 --- a/pkg/scheme/scheme_test.go +++ b/pkg/scheme/scheme_test.go @@ -3,7 +3,7 @@ package scheme_test import ( "context" - . "github.com/goharbor/harbor-operator/pkg/scheme" + . "github.com/plotly/harbor-operator/pkg/scheme" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" "k8s.io/apimachinery/pkg/runtime" diff --git a/pkg/setup/controllers.go b/pkg/setup/controllers.go index cab7d7301..f9ab49c6f 100644 --- a/pkg/setup/controllers.go +++ b/pkg/setup/controllers.go @@ -6,26 +6,26 @@ import ( "os" "path" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/controllers/goharbor/chartmuseum" - "github.com/goharbor/harbor-operator/controllers/goharbor/configuration" - "github.com/goharbor/harbor-operator/controllers/goharbor/core" - "github.com/goharbor/harbor-operator/controllers/goharbor/exporter" - "github.com/goharbor/harbor-operator/controllers/goharbor/harbor" - "github.com/goharbor/harbor-operator/controllers/goharbor/harborcluster" - "github.com/goharbor/harbor-operator/controllers/goharbor/harborserverconfiguration" - "github.com/goharbor/harbor-operator/controllers/goharbor/jobservice" - "github.com/goharbor/harbor-operator/controllers/goharbor/namespace" - "github.com/goharbor/harbor-operator/controllers/goharbor/notaryserver" - "github.com/goharbor/harbor-operator/controllers/goharbor/notarysigner" - "github.com/goharbor/harbor-operator/controllers/goharbor/portal" - "github.com/goharbor/harbor-operator/controllers/goharbor/project" - "github.com/goharbor/harbor-operator/controllers/goharbor/pullsecretbinding" - "github.com/goharbor/harbor-operator/controllers/goharbor/registry" - "github.com/goharbor/harbor-operator/controllers/goharbor/trivy" - "github.com/goharbor/harbor-operator/pkg/config" - commonCtrl "github.com/goharbor/harbor-operator/pkg/controller" - "github.com/goharbor/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/controllers/goharbor/chartmuseum" + "github.com/plotly/harbor-operator/controllers/goharbor/configuration" + "github.com/plotly/harbor-operator/controllers/goharbor/core" + "github.com/plotly/harbor-operator/controllers/goharbor/exporter" + "github.com/plotly/harbor-operator/controllers/goharbor/harbor" + "github.com/plotly/harbor-operator/controllers/goharbor/harborcluster" + "github.com/plotly/harbor-operator/controllers/goharbor/harborserverconfiguration" + "github.com/plotly/harbor-operator/controllers/goharbor/jobservice" + "github.com/plotly/harbor-operator/controllers/goharbor/namespace" + "github.com/plotly/harbor-operator/controllers/goharbor/notaryserver" + "github.com/plotly/harbor-operator/controllers/goharbor/notarysigner" + "github.com/plotly/harbor-operator/controllers/goharbor/portal" + "github.com/plotly/harbor-operator/controllers/goharbor/project" + "github.com/plotly/harbor-operator/controllers/goharbor/pullsecretbinding" + "github.com/plotly/harbor-operator/controllers/goharbor/registry" + "github.com/plotly/harbor-operator/controllers/goharbor/trivy" + "github.com/plotly/harbor-operator/pkg/config" + commonCtrl "github.com/plotly/harbor-operator/pkg/controller" + "github.com/plotly/harbor-operator/pkg/factories/logger" "github.com/ovh/configstore" "github.com/pkg/errors" "sigs.k8s.io/controller-runtime/pkg/manager" diff --git a/pkg/setup/logger.go b/pkg/setup/logger.go index 664b1cc08..30a316815 100644 --- a/pkg/setup/logger.go +++ b/pkg/setup/logger.go @@ -3,7 +3,7 @@ package setup import ( "context" - "github.com/goharbor/harbor-operator/pkg/config" + "github.com/plotly/harbor-operator/pkg/config" "github.com/ovh/configstore" "github.com/pkg/errors" "github.com/sirupsen/logrus" diff --git a/pkg/setup/setup.go b/pkg/setup/setup.go index 0e0d7ae4d..c64f3a37f 100644 --- a/pkg/setup/setup.go +++ b/pkg/setup/setup.go @@ -3,10 +3,10 @@ package setup import ( "context" - "github.com/goharbor/harbor-operator/pkg/factories/application" - "github.com/goharbor/harbor-operator/pkg/factories/logger" - "github.com/goharbor/harbor-operator/webhooks/harborserverconfiguration" - "github.com/goharbor/harbor-operator/webhooks/pod" + "github.com/plotly/harbor-operator/pkg/factories/application" + "github.com/plotly/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/webhooks/harborserverconfiguration" + "github.com/plotly/harbor-operator/webhooks/pod" "github.com/pkg/errors" "golang.org/x/sync/errgroup" kauthn "k8s.io/api/authorization/v1" diff --git a/pkg/setup/webhooks.go b/pkg/setup/webhooks.go index 71aab475e..45a5c5779 100644 --- a/pkg/setup/webhooks.go +++ b/pkg/setup/webhooks.go @@ -4,9 +4,9 @@ import ( "context" "fmt" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/controllers" - "github.com/goharbor/harbor-operator/pkg/config" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/controllers" + "github.com/plotly/harbor-operator/pkg/config" "github.com/ovh/configstore" "sigs.k8s.io/controller-runtime/pkg/manager" ) diff --git a/pkg/status/status_test.go b/pkg/status/status_test.go index 1d50b645c..c27bfad70 100644 --- a/pkg/status/status_test.go +++ b/pkg/status/status_test.go @@ -3,7 +3,7 @@ package common_test import ( "context" - . "github.com/goharbor/harbor-operator/pkg/status" + . "github.com/plotly/harbor-operator/pkg/status" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" diff --git a/pkg/tracing/tracing.go b/pkg/tracing/tracing.go index d79ad32e7..41c2ab53d 100644 --- a/pkg/tracing/tracing.go +++ b/pkg/tracing/tracing.go @@ -6,8 +6,8 @@ import ( "sync" kit_log "github.com/go-kit/kit/log" - "github.com/goharbor/harbor-operator/pkg/factories/application" - "github.com/goharbor/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/factories/application" + "github.com/plotly/harbor-operator/pkg/factories/logger" jaeger_kit "github.com/jaegertracing/jaeger-lib/client/log/go-kit" "github.com/opentracing/opentracing-go" "github.com/ovh/configstore" diff --git a/pkg/tracing/tracing_test.go b/pkg/tracing/tracing_test.go index 97347def9..882d1fa81 100644 --- a/pkg/tracing/tracing_test.go +++ b/pkg/tracing/tracing_test.go @@ -6,12 +6,12 @@ import ( "os" "sync/atomic" - . "github.com/goharbor/harbor-operator/pkg/tracing" + . "github.com/plotly/harbor-operator/pkg/tracing" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/goharbor/harbor-operator/pkg/factories/application" - "github.com/goharbor/harbor-operator/pkg/factories/logger" + "github.com/plotly/harbor-operator/pkg/factories/application" + "github.com/plotly/harbor-operator/pkg/factories/logger" "github.com/opentracing/opentracing-go" "sigs.k8s.io/controller-runtime/pkg/log/zap" ) diff --git a/pkg/version/version.go b/pkg/version/version.go index 9a4021a65..5b1a51dfd 100644 --- a/pkg/version/version.go +++ b/pkg/version/version.go @@ -21,6 +21,7 @@ func init() { //nolint:gochecknoinits "~2.4.x", "~2.5.x", "~2.6.x", + "~2.10.x", ) } diff --git a/pkg/version/version_test.go b/pkg/version/version_test.go index 52b017a35..bead757b5 100644 --- a/pkg/version/version_test.go +++ b/pkg/version/version_test.go @@ -1,7 +1,7 @@ package version_test import ( - "github.com/goharbor/harbor-operator/pkg/version" + "github.com/plotly/harbor-operator/pkg/version" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" ) diff --git a/webhooks/harborserverconfiguration/webhook.go b/webhooks/harborserverconfiguration/webhook.go index 98c4fd434..de89f0fc4 100644 --- a/webhooks/harborserverconfiguration/webhook.go +++ b/webhooks/harborserverconfiguration/webhook.go @@ -7,7 +7,7 @@ import ( "strings" "github.com/go-logr/logr" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" "github.com/umisama/go-regexpcache" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/webhooks/pod/containers.go b/webhooks/pod/containers.go index 361910698..73148ce14 100644 --- a/webhooks/pod/containers.go +++ b/webhooks/pod/containers.go @@ -5,7 +5,7 @@ import ( "strings" "github.com/containers/image/v5/docker/reference" - "github.com/goharbor/harbor-operator/pkg/rule" + "github.com/plotly/harbor-operator/pkg/rule" "github.com/umisama/go-regexpcache" ) diff --git a/webhooks/pod/containers_test.go b/webhooks/pod/containers_test.go index 9acfa06c1..ed1dfbbaa 100644 --- a/webhooks/pod/containers_test.go +++ b/webhooks/pod/containers_test.go @@ -4,7 +4,7 @@ import ( "testing" "github.com/containers/image/v5/docker/reference" - "github.com/goharbor/harbor-operator/webhooks/pod" + "github.com/plotly/harbor-operator/webhooks/pod" "github.com/stretchr/testify/require" ) diff --git a/webhooks/pod/mutate_image_path.go b/webhooks/pod/mutate_image_path.go index 88c598488..04c41e014 100644 --- a/webhooks/pod/mutate_image_path.go +++ b/webhooks/pod/mutate_image_path.go @@ -8,9 +8,9 @@ import ( "strings" "github.com/go-logr/logr" - goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1" - "github.com/goharbor/harbor-operator/pkg/rule" - "github.com/goharbor/harbor-operator/pkg/utils/consts" + goharborv1 "github.com/plotly/harbor-operator/apis/goharbor.io/v1beta1" + "github.com/plotly/harbor-operator/pkg/rule" + "github.com/plotly/harbor-operator/pkg/utils/consts" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" apierr "k8s.io/apimachinery/pkg/api/errors"